On Thu, Nov 14, 2002 at 02:03:42AM +0000, Ian Jackson wrote:
> Javier Fernández-Sanguino Peña writes ("[RFH] The need for signed packages and signed Releases (long, long)"):
> > The needs are:
>
> You have missed the key point. For package signatures to provide any
> significant benefits you need the following:
>
You are mixing signatures+CA, which is not good. You can have a
default policy "do not install unless signed" and you can have a default
"do not install unless coming from Debian".

Both overlap, but you can do the first one (which prevents the
virus attacks I commented on) without doing the second (and thus no need for
a CA at all).

Debsigs-verify implements this; the problem (as I stated in my
mail) is that:

1.- packages are not signed in the archive
2.- setting up a policy is not an easy task.

Both need to be fixed (in some way) before going ahead and setting
a default policy. Otherwise you will be reporting bug #162162 too.

Regards

Javi