Re: [RFH] The need for signed packages and signed Releases (long, long)

To: tb@becket.net (Thomas Bushnell, BSG)
Cc: debian-devel@lists.debian.org
Subject: Re: [RFH] The need for signed packages and signed Releases (long, long)
From: Florian Weimer <fw@deneb.enyo.de>
Date: Sat, 16 Nov 2002 00:17:15 +0100
Message-id: <[🔎] 87d6p6xw1w.fsf@deneb.enyo.de>
Mail-followup-to: tb@becket.net (Thomas Bushnell, BSG), debian-devel@lists.debian.org
In-reply-to: <[🔎] 87lm3uqvl2.fsf@becket.becket.net> (tb@becket.net's message of "15 Nov 2002 15:09:13 -0800")
References: <[🔎] 20021112143711.GA6850@dat.etsit.upm.es> <[🔎] 20021112164411.GB7412@azure.humbug.org.au> <[🔎] 87smy6v7of.fsf@glaurung.green-gryphon.com> <[🔎] 20021113051122.GD26235@azure.humbug.org.au> <[🔎] 20021113084711.A18292@doc.ic.ac.uk> <[🔎] 87heeixx1r.fsf@deneb.enyo.de> <[🔎] 87lm3uqvl2.fsf@becket.becket.net>

tb@becket.net (Thomas Bushnell, BSG) writes:

> Florian Weimer <fw@deneb.enyo.de> writes:
>
>> Andrew Suffield <asuffield@debian.org> writes:
>> 
>> > To be decently secure, you need the target system to refuse to accept
>> > packages that don't have an acceptable trust path.
>> 
>> Have you actually tried to determine whom and which machines you have
>> to trust implicitly when trusting a particular Debian package?  I
>> guess this gets really messy pretty soon.
>
> I trust auric.

Ahem, I suppose you trust much more machines, implicitly.  The secure
distribution of software from the project to the users is just a part
of the problem.  Actually, it's the easy part, a solution is known and
has been sucessfully applied by other organizations.

The other part (the origin of the package) is the hard one, and things
get *really* interesting here.  My current feeling tells me that it
isn't solvable using currently available technology (in particular,
directly signed packages won't provide complete assurance).

Reply to:

Follow-Ups:
- Re: [RFH] The need for signed packages and signed Releases (long, long)
  - From: tb@becket.net (Thomas Bushnell, BSG)

References:
- [RFH] The need for signed packages and signed Releases (long, long)
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>
- Re: [RFH] The need for signed packages and signed Releases (long, long)
  - From: Anthony Towns <aj@azure.humbug.org.au>
- Re: [RFH] The need for signed packages and signed Releases (long, long)
  - From: Manoj Srivastava <srivasta@debian.org>
- Re: [RFH] The need for signed packages and signed Releases (long, long)
  - From: Anthony Towns <aj@azure.humbug.org.au>
- Re: [RFH] The need for signed packages and signed Releases (long, long)
  - From: Andrew Suffield <asuffield@debian.org>
- Re: [RFH] The need for signed packages and signed Releases (long, long)
  - From: Florian Weimer <fw@deneb.enyo.de>
- Re: [RFH] The need for signed packages and signed Releases (long, long)
  - From: tb@becket.net (Thomas Bushnell, BSG)

Prev by Date: Re: [RFH] The need for signed packages and signed Releases (long, long)
Next by Date: Re: Discussion - non-free software removal
Previous by thread: Re: [RFH] The need for signed packages and signed Releases (long, long)
Next by thread: Re: [RFH] The need for signed packages and signed Releases (long, long)
Index(es):
- Date
- Thread