Re: dpkg-sig: sign binary debian archive files

To: debian-devel@lists.debian.org
Subject: Re: dpkg-sig: sign binary debian archive files
From: George Danchev <danchev@spnet.net>
Date: Sun, 28 Dec 2003 22:22:55 +0200
Message-id: <[🔎] 200312282222.55494.danchev@spnet.net>
In-reply-to: <[🔎] 20031228171141.GA13419@mails.so.argh.org>
References: <[🔎] 20031227084933.GA7805@mails.so.argh.org> <[🔎] 200312281825.29074.danchev@spnet.net> <[🔎] 20031228171141.GA13419@mails.so.argh.org>

On Sunday 28 December 2003 19:11, Andreas Barth wrote:
--cut--
> > As I understand this is an alternative of the above patch+debsig-verify
> > story.
>
> No. The verification capabilities of dpkg-sig are aequivalent to the
> package extraction capabilities of dpkg-deb - very usefull if one
> needs such a thing, but not the default usage in daily operation. For
> the everyday signature verification I recommend a more high-level tool
> than dpkg-sig.

Good. Please describe this in your policy.html for further references... and 
your suggestions for the high-level tools for daily usage too ...

> > Isn't it a little bit confusing to have 2 methods for per-deb signing/
> > checking.
>
> Well, there were some issues:
> - don't break the deb when adding signatures
> - protocol must allow the possibility of remote signing
> (The second is a requirement of more than one buildd-admin - and they
> know probably much better than I what they need.)
>
> So, because of the second issue, we needed a change in the signing
> protocol. A draft of the signing protocol is available at
> http://dpkg-sig.turmzimmer.net/policy.html and dpkg-sig is one (the ?)
> implementation of this. There is no problem in adding code to
> debsig-verify that allows verification of packages signed with
> dpkg-sig - I just prefered to start with a tiny "sign and verify by
> hand"-utility first.

I think I'm close to understand your approach. Please add some bits to 
policy.html about debsig-verify and the future suggestions about it.

> When and if this tool is liked and accepted by the community, than the
> next changes (dpkg-buildpackage, dinstall, debsig-verify, ...) should
> start. However, I prefer to make step after step.

I understand, step by step is wiser. The job is complex (as you suggest a 
change in the deb signing protocol) and the people need some time (and docs?) 
to follow your mind. Btw, In case you need more names to resolve the issues 
with dpkg namespace, here are mine shots: dsign, design.

I also hope this to be officially accepted and then securing-debian-howto to 
be updated as well. Great work !

-- 
pub  4096R/0E4BD0AB 2003-03-18 <keyserver.bu.edu>
1AE7 7C66 0A26 5BFF DF22 5D55 1C57 0C89 0E4B D0AB

Reply to:

Follow-Ups:
- Re: dpkg-sig: sign binary debian archive files
  - From: Andreas Barth <aba@not.so.argh.org>

References:
- dpkg-sig: sign binary debian archive files
  - From: Andreas Barth <aba@not.so.argh.org>
- Re: dpkg-sig: sign binary debian archive files
  - From: George Danchev <danchev@spnet.net>
- Re: dpkg-sig: sign binary debian archive files
  - From: Andreas Barth <aba@not.so.argh.org>

Prev by Date: Re: apt 0.6 in experimental
Next by Date: Re: apt 0.6 in experimental
Previous by thread: Re: dpkg-sig: sign binary debian archive files
Next by thread: Re: dpkg-sig: sign binary debian archive files
Index(es):
- Date
- Thread