[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Revival of the signed debs discussion

Anthony DeRobertis <asd@suespammers.org> writes:

> On Fri, 2003-12-05 at 04:54, Manoj Srivastava wrote:
> > > The only one which comes to mind is a rogue Debian developer that
> > > you do not wish to trust, even though the project trusts him.
> > 
> > 	Not quite. The signed deb is non-repudiable authorship -- nice
> >  to know whence the software cometh.
> No it isn't. For it to be non-repudiable, you'd have to demonstrate that
> the key has not been compromised; that the developer knew what he was
> signing (as opposed to a trojaned gpg telling him one thing while doing
> another); etc. Proving those is quite impossible --- especially if he
> doesn't want you to: He can always compromise his own key, on purpose.

If a package is compromised we can proof that the DD of the package
either is malicious or incompetent. Two good reasons to exclude
packages signed by him in the future. :)


Reply to: