Re: bits from the release team
Pierre Habouzit <madcoder@debian.org> writes:
> Le Mer 10 Mai 2006 11:05, Goswin von Brederlow a écrit :
>> Do you see any drawbacks with my proposal of having Release.key next
>> to each Releas.gpg or do you have a better idea that will work for
>> every apt-getable archive?
>
> this is obviously a valid idea, except that you have to have those key
> over https to avoid MiM attacks, with a valid https CA (like in not
> self-signed).
Why? The key is signed and thereby protected from alterations and the
signatures can be checked against the existing keyring package. The
idea is to validate against more than one off-server key that has a
long long lifetime, like maintainers keys. More than one to avoid any
single point of failure or attack.
MfG
Goswin
Reply to: