[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Revival of the signed debs discussion

On Wed, Dec 03, 2003 at 06:43:18AM +0100, Goswin von Brederlow wrote:

> Matt Zimmerman <mdz@debian.org> writes:
> > On Wed, Dec 03, 2003 at 03:07:17AM +0100, Goswin von Brederlow wrote:
> > 
> > > But this kind of tampering _can_ be checked by apt before installing
> > > the deb simply by adding a signature verifyer into the
> > > DPkg::Pre-Install-Pkgs config option, the same mechanism
> > > apt-listchanges already uses to display only the new section of the
> > > changelog.
> > 
> > Indeed, apt can do a lot better, and is very close to doing so. See #203741.
> The assumption was that the archive was compromised but the Release.gpg
> file changed and resigned.

Who was assuming this?  At any rate, protecting the secret key is of course
the weakest link in any public key cryptosystem, and I don't see what that
has to do with apt.

> #203741 is about checking the
> Release.gpg chain of trust or is there more hidden in all the mails.

Yes, that is what it is about.

> Did the BTS reoder the mails, there don't seem to follow a locigal
> discussion. Haven't bothered to check the timestamps though.

Messages from discussions in other fora (including private mail) were later
copied to the BTS.

 - mdz

Reply to: