Re: Revival of the signed debs discussion
On Thu, 4 Dec 2003 14:41:43 -0500, Matt Zimmerman <email@example.com> said:
> On Thu, Dec 04, 2003 at 12:28:41PM -0600, Manoj Srivastava wrote:
>> On Thu, 4 Dec 2003 11:47:50 -0500, Matt Zimmerman <firstname.lastname@example.org>
>> > What kind of real world attacks do signed debs prevent? Not a
>> > compromised buildd, or a compromised maintainer's workstation.
>> It would allow me to copy .debs around with other people, or use
>> .debs not made available through the usual chain of security; as
>> long as the author hapens to be in my web of trust.
> What kind of real world attacks do signed debs prevent?
I see a deb lying around on one of the machines at work -- and
I do not trust some idiots who work for the gummint. Would be worth
something to know the deb came from a real live debian developer.
> The only one which comes to mind is a rogue Debian developer that
> you do not wish to trust, even though the project trusts him.
Not quite. The signed deb is non-repudiable authorship -- nice
to know whence the software cometh.
Short people get rained on last.
Manoj Srivastava <email@example.com> <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C