Re: dpkg-sig support wanted?

To: debian-devel@lists.debian.org
Subject: Re: dpkg-sig support wanted?
From: Olaf van der Spek <olafvdspek@gmail.com>
Date: Fri, 25 Nov 2005 16:32:52 +0100
Message-id: <[🔎] b2cc26e40511250732q42b5a2e5ubc79bf23915185de@mail.gmail.com>
In-reply-to: <[🔎] 20051125152704.GA13942@hezmatt.org>
References: <[🔎] 877jb0iswl.fsf@nahar.marcbrockschmidt.de> <[🔎] 87fypntzzo.fsf@mid.deneb.enyo.de> <[🔎] 20051123160817.GB13417@cyan.localnet> <[🔎] 20051123220920.GD5414@hezmatt.org> <[🔎] 20051124023037.GE15019@cyan.localnet> <[🔎] 20051124131345.GE17550@khazad-dum.debian.net> <[🔎] 20051125025707.GD19298@cyan.localnet> <[🔎] 4386EAB1.4090602@hogyros.de> <[🔎] 87k6ewzu1e.fsf@informatik.uni-tuebingen.de> <[🔎] 20051125152704.GA13942@hezmatt.org>

On 11/25/05, Matthew Palmer <mpalmer@debian.org> wrote:
> Of course, using the signature on the .changes to verify the .debs
> independent from the archive at some later date is a nice side-benefit, but
> one which suffers from the same key-lifetime issues as in-deb signatures,

What exactly is this key lifetime issue?
Is it a cryptographic issue?

> and since the .changes from autobuilt uploads aren't publically available
> (apparently d-d-$arch-changes isn't archived, from info previously posted in
> this thread) that method of package authentication isn't going to be 100%
> reliable anyway.

Reply to:

Follow-Ups:
- Re: dpkg-sig support wanted?
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>

References:
- dpkg-sig support wanted?
  - From: Marc 'HE' Brockschmidt <he@debian.org>
- Re: dpkg-sig support wanted?
  - From: Florian Weimer <fw@deneb.enyo.de>
- Re: dpkg-sig support wanted?
  - From: Anthony Towns <aj@azure.humbug.org.au>
- Re: dpkg-sig support wanted?
  - From: Matthew Palmer <mpalmer@debian.org>
- Re: dpkg-sig support wanted?
  - From: Anthony Towns <aj@azure.humbug.org.au>
- Re: dpkg-sig support wanted?
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: dpkg-sig support wanted?
  - From: Anthony Towns <aj@azure.humbug.org.au>
- Re: dpkg-sig support wanted?
  - From: Simon Richter <Simon.Richter@hogyros.de>
- Re: dpkg-sig support wanted?
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
- Re: dpkg-sig support wanted?
  - From: Matthew Palmer <mpalmer@debian.org>

Prev by Date: Re: dpkg-sig support wanted?
Next by Date: Re: Secret changes for binNMUs
Previous by thread: Re: dpkg-sig support wanted?
Next by thread: Re: dpkg-sig support wanted?
Index(es):
- Date
- Thread