
Re: Revival of the signed debs discussion



On Tue, 2003-12-02 at 07:00, Andreas Barth wrote:
> * John Goerzen (jgoerzen@complete.org) [031201 17:40]:
> > Even if the attacker could place a new keyring file in the archive,
> > people verifying signatures on signed .debs would not install it, since
> > it would not have the signature of a developer.
> 
> And to be honest: If all debs are signed, and it is easily possible, I
> would restrict accepted signatures at my private machine for the
> keyring package to James - and let me send a mail if there is a
> keyring package signed by any other DD. So, the real danger would be
> if James' key is stolen.

Would it be possible && increase security for debian-keyring maintainer
to have a separate, non-network-connected box with which to sign any
new keyring packages (and transfers of the package, for signing,
happening by floppy/ cd/ etc)?

Would that give us long-term certainty that some unknown/ yet to be
discovered root-exploit has compromised our community without us
knowing?

ta
zen

-- 
Debian Enterprise: A Custom Debian Distribution: http://debian-enterprise.org/
* Homepage: http://soulsound.net/     * PGP Key: http://soulsound.net/zen.asc
* Please respect the confidentiality of this email as sensibly warranted.


