Re: APT public key updates?
* Steve Langasek:
> For a user with a compromised local network, the only safe solution is to
> validate the new key via some web of trust.
No, the web of trust doesn't solve the problem. I'm pretty sure most
DDs don't even know who is authorized to issue a new archive key. A
user has no way to judge which developers have sufficient knowledge to
recognize a new, legitimate archive signing key. And so on, it's
quite messy.
The only reasonable answer at this stage is SSH-style "leap of faith"
authentication.
Reply to: