[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: State of the debian keyring

Enrico Zini writes ("Re: State of the debian keyring"):
> ...which reminds me of http://www.enricozini.org/2008/tips/audit-uploads/
> which was a prototype of creating an audit log of key usage in debian.
> This means hooking into any place where a signature verification or a
> decryption actually happens in Debian: I can think of uploads,
> db.debian.org, voting, keyring requests, RT tickets filed, emails
> received by lists or the BTS: are there more?

My (not-yet-deployed) dgit push receiver (to support, amongst other
things, dm uploads), which depends on tags signed by dm pgp keys.

ssh push to alioth.  (Sorry to add a very hairy yak to your plan.)


> So I can't just open vim and write the code: auditing key usage in
> package uploads requires someone who knows dak inside out, and can
> commit to maintaining notification triggers in all obscure corners where
> keys are used, now and in future updates of the ftp-master toolchain.
> Same goes for any other bit of Debian.

Perhaps we could provide a patched version of gpg[v] which phones home
to report the verification.

> The starting point for this work is probably this, then: is it just me,
> feeling that we have a problem here, or am I actually in the good
> company of people who can do their bit?

I think this would be nice, and having a partial audit would be better
than no audit.


Reply to: