Re: .deb integrity check
Hi,
Does not deal with compromised keys, or keys belonging to
people not part of the project anymore. You can reduce this by
providing ready access to to an uptodate debian keyring; but then
come the problem of manually signing that with a secure Project key.
Hmm. We need to ensure that the keyring I have downloaded is
actually uncompromised, and then use that to check all packages to be
installed ...
manoj
>>"Robert" == Robert Thomson <robert.thomson@studentmail.newcastle.edu.au> writes:
Robert> IMHO, Individual packages should be signed (or md5sums,
Robert> whatever) by the maintainer. The maintainer should include
Robert> their public key with the package, and that public key should
Robert> be signed by an official Debian key. Thus verifying that the
Robert> key is in fact authentic. Dpkg shouldn't deal with
Robert> authentication, rather apt, or dselect (urg!) - the transport
Robert> - should check - because it's at this point that most
Robert> packages are downloaded without knowing their authenticity.
Robert> Have a keyring somewhere with the Debian key on it, and allow
Robert> sysadmins to add trusted keys, which work in the same manner.
Robert> How apt/other deals with keys without sig's should be up to
Robert> the sysadmin to define - perhaps on a per repository basis.
--
Lunatic Asylum, n.: The place where optimism most flourishes.
Manoj Srivastava <srivasta@debian.org> <http://www.debian.org/%7Esrivasta/>
Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
Reply to: