
Re: Signing Packages.gz

Quoting from the mailing list archives... :-)

Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de> wrote:
> On Sun, Mar 26, 2000 at 09:00:34AM +1000, Anthony Towns wrote:
> > The whole file --- verifying each entry would take at least three minutes
> I don't think it is useful to sign the Packages file, because:
> > Whose key should be used? Probably a special one just for dinstall,
> > that's kept fairly securely by the Novare and -admin folks, and revoked
> > regularly.
> Any such key would have to be considered insecure, no matter how soon you
> revoke it. So the paranoid people still don't trust it, and the other don't
> care (probably).

Can someone explain to me why any such key would have to be considered
insecure?  If we are trusting the admin folks to generate the
Packages file itself, can't we trust them to sign it properly?
Is there another avenue that I can't see where this key could be compromised?

And by the way, how do the paranoid people do things now? (since I would like
to be one of those people :-) )  Do they compile everything from source?
The source is the only place I can find a signature at all, and this is
the path I am currently venturing out on.

Thanks for your responses!
- Chris

"Chase the dream, not the competition."
     - motto of the Nemesis Air Racing Team
