[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Summary: Secure APT Key Management

also sprach Anthony Towns <aj@azure.humbug.org.au> [2006.07.30.1408 +0100]:
> On Sun, Jul 30, 2006 at 12:56:26PM +0200, Martin Schulze wrote:
> > The way he envisions key management is that every Debian machine
> > trusts the SPI CA.  Debian should provide a webpage for downloading
> > and verifying keys, protected by SSL/TLS.  The use would require
> I think a proper SSL key, trusted using the regular methods is
> important, but I don't think it's reliable enough to be our primary/sole
> verification method.

It's going to be hard to come up with additional methods, IMHO, so
if you have anything in mind, please share and I can stop wrecking
my brain over it.

I think the most important thing still is that we should *never*
install and trust a key automatically.

I also vote for per-release keys. The argument that they will be
easier to crack is invalid IMHO because we cannot use limited
lifetime as security measure anyway. Thus, we anticipate that the
key will be cracked and have a proper procedure to follow when
that's the case.

Please do not send copies of list mail to me; I read the list!
 .''`.     martin f. krafft <madduck@debian.org>
: :'  :    proud Debian developer and author: http://debiansystem.info
`. `'`
  `-  Debian - when you have better things to do than fixing a system
"crying is the refuge of plain women but the ruin of pretty ones."
                                                        -- oscar wilde

Attachment: signature.asc
Description: Digital signature (GPG/PGP)

Reply to: