Re: dpkg-sig: sign binary debian archive files

To: debian-devel@lists.debian.org
Subject: Re: dpkg-sig: sign binary debian archive files
From: Andreas Barth <aba@not.so.argh.org>
Date: Sun, 28 Dec 2003 18:11:41 +0100
Message-id: <[🔎] 20031228171141.GA13419@mails.so.argh.org>
Mail-followup-to: Andreas Barth <aba@not.so.argh.org>, debian-devel@lists.debian.org
In-reply-to: <[🔎] 200312281825.29074.danchev@spnet.net>
References: <[🔎] 20031227084933.GA7805@mails.so.argh.org> <[🔎] 20031228134633.GA30864@deprecation.cyrius.com> <[🔎] 20031228141726.GA7976@mails.so.argh.org> <[🔎] 200312281825.29074.danchev@spnet.net>

* George Danchev (danchev@spnet.net) [031228 17:25]:
> On Sunday 28 December 2003 16:17, Andreas Barth wrote:
> --cut--
> > similar. I remember also a discussion with doogie about "make it in an
> > extra package or as part of dpkg (source package)?" where I got
> > something like: Show usable code in an extra package, and if it works
> > (and is actually used), it's possible to move that to dpkg later on.

> Perhaps that had being discused before, that patch [1] had being introduced 
> and merged. As far as I can see it is in dpkg src tree and interacts with the 
> package of debsig-verify and also described in securing-debian-howto.

No. dpkg-sig is discussed and written in 2003, and that patch is from
2001.

> > So, for me the situation is this:
> > - If the dpkg-maintainers ask me to change name I'll of course do this.
> > - I'll try to move the code to src:dpkg if dpkg-sig is really used
> >   (which I assume and hope); otherwise, we won't need an unused
> >   package in the archive.
> 
> As I understand this is an alternative of the above patch+debsig-verify story.

No. The verification capabilities of dpkg-sig are aequivalent to the
package extraction capabilities of dpkg-deb - very usefull if one
needs such a thing, but not the default usage in daily operation. For
the everyday signature verification I recommend a more high-level tool
than dpkg-sig.

> Isn't it a little bit confusing to have 2 methods for per-deb signing/
> checking. 

Well, there were some issues:
- don't break the deb when adding signatures
- protocol must allow the possibility of remote signing
(The second is a requirement of more than one buildd-admin - and they
know probably much better than I what they need.)

So, because of the second issue, we needed a change in the signing
protocol. A draft of the signing protocol is available at
http://dpkg-sig.turmzimmer.net/policy.html and dpkg-sig is one (the ?)
implementation of this. There is no problem in adding code to
debsig-verify that allows verification of packages signed with
dpkg-sig - I just prefered to start with a tiny "sign and verify by
hand"-utility first.

When and if this tool is liked and accepted by the community, than the
next changes (dpkg-buildpackage, dinstall, debsig-verify, ...) should
start. However, I prefer to make step after step.

Cheers,
Andi
-- 
   http://home.arcor.de/andreas-barth/
   PGP 1024/89FB5CE5  DC F1 85 6D A6 45 9C 0F  3B BE F1 D0 C5 D1 D9 0C

Reply to:

Follow-Ups:
- Re: dpkg-sig: sign binary debian archive files
  - From: George Danchev <danchev@spnet.net>

References:
- dpkg-sig: sign binary debian archive files
  - From: Andreas Barth <aba@not.so.argh.org>
- Re: dpkg-sig: sign binary debian archive files
  - From: Martin Michlmayr <tbm@cyrius.com>
- Re: dpkg-sig: sign binary debian archive files
  - From: Andreas Barth <aba@not.so.argh.org>
- Re: dpkg-sig: sign binary debian archive files
  - From: George Danchev <danchev@spnet.net>

Prev by Date: Re: apt 0.6 in experimental
Next by Date: Re: Bug#224742 acknowledged by developer (Re: Bug#224742: Related to this issue...)
Previous by thread: Re: dpkg-sig: sign binary debian archive files
Next by thread: Re: dpkg-sig: sign binary debian archive files
Index(es):
- Date
- Thread