[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian upload monitor

Enrico Zini wrote:
For example, you have several IDs in your key.  If I have reason to
believe that you don't receive mail in one of them (for example, I can
notice that a domain has expired, or I can send fake spam to all of them
and see if one bounces), then I can use that address in Maintainer: and
Changed-by:, and dak will mail there.

But this is a deliberate policy decision, not a technical limitation, because these mails have been introduced for convenience, not as a security measure. In fact, presently, the sponsor mails are not sent if the keyholder's name (as put in projectb) appears in Changed-By or Maintainer, regardless of the mail address, so your scheme to 'circumvent' their sending is excessively complicated.

But regardless of specific examples, this is an extra, complementary
layer of security.  The GPG key is our most important security token,
and a way to track its usage is the least that we should have.

Whether it belongs to QA or ftp-master, is what I'm trying to find out.

Well, if there everyone wanted these mails, it would be trivial to send them unconditionally instead of conditionally.

Kind regards

Thomas Viehmann, http://thomas.viehmann.net/

Reply to: