Re: Proposal: increasing mirror security

To: Lalo Martins <lalo@webcom.com>
Cc: Debian Development Mailing List <debian-devel@lists.debian.org>
Subject: Re: Proposal: increasing mirror security
From: Jim Pick <jim@jimpick.com>
Date: 25 Jan 1999 11:29:14 -0800
Message-id: <[🔎] 87iudvxib9.fsf@fleming.jimpick.com>
In-reply-to: Lalo Martins's message of "Mon, 25 Jan 1999 15:35:28 -0200"
References: <[🔎] Pine.LNX.3.96.990125083348.24899A-100000@wm7-214.resnet.wm.edu> <[🔎] 19990125153528.A318@lalo.ddns.org>

Lalo Martins <lalo@webcom.com> writes:

> OTOH, we could just sign all packages with a same key ("the
> Debian key"); when dinstall verifies the signature and md5sum in
> the .changes file, it signs the package and updates
> Packages.pgp).

I prefer this method.  Then we have less key distribution worries.

Cheers,

 - Jim

Reply to:

References:
- Proposal: increasing mirror security
  - From: Brandon Mitchell <bhmit1@mail.wm.edu>
- Re: Proposal: increasing mirror security
  - From: Lalo Martins <lalo@webcom.com>

Prev by Date: Re: Proposal: increasing mirror security
Next by Date: Re: Resolutions to comments on LSB-FHS-TS_SPEC_V1.0
Previous by thread: Re: Proposal: increasing mirror security
Next by thread: Re: Proposal: increasing mirror security
Index(es):
- Date
- Thread