
Re: improving downloader packages (was: Re: holes in secure apt)



On Thu, 2014-06-19 at 21:25 -0500, Gunnar Wolf wrote: 
> Thanks for bringing this topic up. I'm snipping your very detailed
> implementation proposal, which does not sound like it was written at
> 4AM at all ;-)
;-)


> I do feel the keyring-maint package is a leftover from days long
> gone. Nowadays the keyring is kept at a DVCS tree, and regularly
> exported to a publicly accessible instance.
Any reason for that "internal" repo? I mean what speaks against the idea
of expressing everything via signatures by some special keys (which was
probably the core idea of my proposal)?

> Furthermore, it stores its
> full history, so you can even check if $foo was a valid key at some
> point in the past.
This you can do with my proposal as well... whether the "Authority" key
will sign other keys always just for a time span (+ continuously re-signs
them) or whether the signatures are not expiring and manually
revoked...
In both cases you could easily find out the time spans when a key had
the "state" Debian developer, based on the dates of the signatures and
revocations.


> I was thinking about including the possible disappearance
Well when I wrote last time, I thought keeping the package might make
sense to give offline systems at least a source for a more or less
current state of the keyring... but OTOH,... why should offline only
systems need this... they can't do any communication with the DDs or
verify new packages.


But of course... if there the "Authority" key should then move to some
package, e.g. debian-archive-keyring... or perhaps all special keys
should move to that package and this should then become the
"debian-keyring" (since it's no longer just the archive keys).


Cheers,
Chris.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

