Re: Bug#540215: Introduce dh_checksums

On Wed, Mar 17, 2010 at 08:58:28AM +0100, Goswin von Brederlow wrote:
> Wouter Verhelst <wouter@debian.org> writes:
> > On Fri, Mar 12, 2010 at 05:16:55AM +0100, Goswin von Brederlow wrote:
> >> Harald Braumann <harry@unheit.net> writes:
> >> 
> >> > On Wed, Mar 10, 2010 at 03:32:14PM +0100, Wouter Verhelst wrote:
> >> >>
> >> >> Having package.checksums be GPG-signed will take a significant change in
> >> >> our infrastructure (buildd hosts, for instance, would need to have a way
> >> >> to sign checksums files as well), so it's not going to happen
> >> >> tomorrow.
> >> 
> >> That can be avoided by including a hash of the checksum file in the
> >> Packages files.
> >
> > That doesn't help for the problem we're trying to fix here: having a
> > path to a GPG signature from an individual binary on the hard disk,
> > months or years after the package was installed.
> >
> > With your proposal, you lose the signatures once the package is out of
> > the archive and you run 'apt-get update'.
> Then don't do that. :)

We can hardly say to our users "if you want to be able to check
signatures, never run apt-get update"...

> I don't think signing the checksum file itself will be feasible as that
> would alter the contents of the deb and change the checksums in the
> changes files autobuilders send the admin for signing.

Yes, it would be a problem for autobuilders. However, I don't think it's
completely unfeasible.

> It would break the existing signing infrastructure for autobuilders.
> It would also require running dpkg-genchanges again during signing or
> otherwise adjust the checksums in the changes file.
> But for packages no longer in the archive there is snapshot.debian.net
> (or the official replacement).

Which are both not very useful at the moment.

The biometric identification system at the gates of the CIA headquarters
works because there's a guard with a large gun making sure no one is
trying to fool the system.
