Re: Official Debian digital 'branding' of debs

To: debian-devel@lists.debian.org
Subject: Re: Official Debian digital 'branding' of debs
From: Goswin Brederlow <goswin.brederlow@student.uni-tuebingen.de>
Date: 24 Jun 1999 14:59:58 +0200
Message-id: <[🔎] 87r9n169f5.fsf@rut.informatik.uni-tuebingen.de>
In-reply-to: Manoj Srivastava's message of "23 Jun 1999 10:11:03 -0500"
References: <[🔎] 87pv2qu8u6.fsf@glaurung.green-gryphon.com> <[🔎] 99062019162300.00801@earth> <[🔎] 87lndbx88o.fsf@glaurung.green-gryphon.com>

Manoj Srivastava <srivasta@debian.org> writes:

> Hi,
> >>"Rene" == Rene Mayrhofer <rmayr@vianova.at> writes:
>...
>         To compromise the security, one would have to not only have
>  compromised the master key, one would have had to compromise the
>  debian keyring package, which is also signed by the maintainer.

How would that make Deb files more secure (apart from the keyring
package itself?) or is the md5sum in the packages file secure enough?

MfG,
	Goswin

PS: The md5sums should be on the unpacked contents of the deb file,
i.e. the control.tar and data.tar.

Reply to:

Follow-Ups:
- Re: Official Debian digital 'branding' of debs
  - From: Manoj Srivastava <srivasta@debian.org>

References:
- Re: Official Debian digital 'branding' of debs
  - From: Manoj Srivastava <srivasta@debian.org>
- Re: Official Debian digital 'branding' of debs
  - From: Rene Mayrhofer <rmayr@vianova.at>
- Re: Official Debian digital 'branding' of debs
  - From: Manoj Srivastava <srivasta@debian.org>

Prev by Date: Re: copyright must be written in English?
Next by Date: Re: Official Debian digital 'branding' of debs
Previous by thread: Re: Official Debian digital 'branding' of debs
Next by thread: Re: Official Debian digital 'branding' of debs
Index(es):
- Date
- Thread