On Thu, Dec 21, 2000 at 03:30:25PM +0100, Christian Kurz wrote: > > if I were trying to do mirror authentication, I'd ship apt with an > > official .debian.org public key, and then ask .debian.org whether a > > the public key presented by a mirror was kosher. There are other ways > > of doing it... > > puiblic key? GnuPG or PGP? Or do you mean ssh or what kind of public key > do you think of? Well I actually meant "public key" in the theoretical sense, rather than specifying an implementation. I imagine you could use a scheme similar to the one SSH uses for host verification. > And what about rootkits that are often used and not widespread but that > you don't detect really? I think that also such a rootkit is already > existing. I said it wasn't perfect. Detection of some rootkits is better than none. I also don't understand what you mean by "often used and not widespread". > > > * automatic recognition of changes to the snapshot which correspond to > > the installation of packages from /etc/apt/sources.list, possibly > > augmented by mirror authentication > > You still failed to describe how you want to do automatic recognition of > packages. > Well, it seems to me that there are lots of ways of doing this with security which is at least as good as that of existing systems. They vary in elegance, required changes to Debian's infrastructure, and network utilisation. When I say security is "at least as good as that of existing systems", I mean that even if you can't detect intrusions from /etc/apt/sources.list, you *can* detect other intrusions. By the way, I just noticed that in this message, http://lists.debian.org/debian-devel-announce-0012/msg00012.html, ajt says that package signatures are "under development". My proposal is less than "under development" :) -- |> |= -+- |= |> | |- | |- |\ Peter Eckersley (pde@cs.mu.oz.au) http://www.cs.mu.oz.au/~pde for techno-leftie inspiration, take a look at http://www.computerbank.org.au/
Attachment:
pgpQwI5P91Cv6.pgp
Description: PGP signature