On Thu, Nov 14, 2002 at 02:03:42AM +0000, Ian Jackson wrote: > Javier Fernández-Sanguino Peña writes ("[RFH] The need for signed packages and signed Releases (long, long)"): > > The needs are: > > You have missed the key point. For package signatures to provide any > significant benefits you need the following: > You are mixing signatures+CA which is not good. You can have a default policy "do not install unless signed" and you can have a default "do not install unless coming from Debian". Both overlap but you can do the first one (which prevents the virus attacks I commented) without doing the second (and thus no need for a CA at all). Debsigs-verify implements this, the problem (as I stated in my mail) is that: 1.- packages are not signed in the archive 2.- setting up a policy is not an easy task. Both need to be fixed (in some way) before going ahead and setting a default policy. Otherwise you will be reporting bug #162162 too. Regards Javi
Attachment:
pgpgJADFXVVYc.pgp
Description: PGP signature