
Re: thoughts on blocking and downgrade attacks against secure APT



(sorry for the double posting... my MUA crashed in between)


One addition immediately which is however not directly related to the
discussion.

I stumbled across those issues when I spent some thoughts on the
check_apt test from Nagios.

I wanted a fully secure way to be notified when updates are in place
(but not having them automatically installed).


As you can imagine now, the issues described above apply to check_apt,
too, and an attacker could trick me into not recognising available
updates.


I've opened a Nagios bug #300
(http://tracker.nagios.org/view.php?id=300) asking for improvements.
I describe the general issue there, but I have so far no details on how
it should securely "access" APT to gather the necessary information.



Which Debian secure APT experts could I ask for help with this? :)


Cheers,
Chris.
