Re: Bug#540215: Introduce dh_checksums
On Fri, Mar 12, 2010 at 05:16:55AM +0100, Goswin von Brederlow wrote:
> Harald Braumann <firstname.lastname@example.org> writes:
> > On Wed, Mar 10, 2010 at 03:32:14PM +0100, Wouter Verhelst wrote:
> >> Having package.checksums be GPG-signed will take a significant change in
> >> our infrastructure (buildd hosts, for instance, would need to have a way
> >> to sign checksums files as well), so it's not going to happen
> >> tomorrow.
> That can be avoided by including a hash of the checksum file in the
> Packages files.
That doesn't help for the problem we're trying to fix here: having a
path to a GPG signature from an individual binary on the hard disk,
months or years after the package was installed.
With your proposal, you lose the signatures once the package is out of
the archive and you run 'apt-get update'.
The biometric identification system at the gates of the CIA headquarters
works because there's a guard with a large gun making sure no one is
trying to fool the system.