
Re: Bad press again...



* martin f. krafft:

> also sprach Henrique de Moraes Holschuh <hmh@debian.org> [2005.08.27.1540 +0200]:
>> > security.debian.org already is a Single Point of Ownership.  I don't
>> > think we need multiple ones, so this is definitely a post-etch thing.
>> 
>> Irrelevant if secure apt is deployed correctly.
>
> No. Imagine exim gets a root exploit and I spoof the DNS to some
> mirror of s.d.o. That mirror will be consistent wrt secure APT, but
> it won't get updates, so admins who don't follow DSAs and run
> apt-get upgrade consciously and carefully are going to be left in
> the naive belief that they are safe because s.d.o doesn't have any
> new stuff.

You can address this with timestamp signatures, but I doubt it is
worth the complexity.  A prerequisite would be replacing pool.ntp.org
and providing our own secure time source, and this is probably not
something we want to do.
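The freeze scenario above is what a timestamp check guards against: a mirror can serve Release metadata whose signature is perfectly valid yet is weeks old, so a client that only verifies the signature never notices that no new DSA packages arrive. The following is an added example, not code from the thread or from APT, showing the client-side half of that check: it parses the `Date` field of an already signature-verified Release file, plus the `Valid-Until` expiry field that later Debian archives carry (assumed here; the thread does not mention it), and rejects metadata that is expired, too old, or dated in the future. The sample Release header is constructed, and the checker takes the current time as a parameter precisely because, as the reply notes, it is only as trustworthy as the clock it is compared against.

```python
"""Freshness check for a signed APT Release file (added example, not from the thread or from APT)."""
import email.utils
from datetime import datetime, timedelta, timezone

# Constructed sample of the fields at the top of a Release file. Date is
# standard; Valid-Until is the expiry field later archives added (assumed).
SAMPLE_RELEASE = """\
Origin: Debian
Label: Debian-Security
Suite: stable
Codename: sarge
Date: Sat, 27 Aug 2005 13:40:00 UTC
Valid-Until: Sat, 03 Sep 2005 13:40:00 UTC
Architectures: i386 amd64
Components: main contrib non-free
MD5Sum:
 d41d8cd98f00b204e9800998ecf8427e 0 main/binary-i386/Packages
"""

# Same header with the expiry field stripped, to show the fallback path.
SAMPLE_RELEASE_NO_EXPIRY = SAMPLE_RELEASE.replace(
    "Valid-Until: Sat, 03 Sep 2005 13:40:00 UTC\n", "")


def utc(year, month, day, hour=0, minute=0):
    """Small helper so callers can build a UTC 'now' without importing datetime."""
    return datetime(year, month, day, hour, minute, tzinfo=timezone.utc)


def parse_release_fields(text):
    """Return the top-level 'Key: value' fields; indented hash lines are skipped."""
    fields = {}
    for line in text.splitlines():
        if not line or line[0].isspace():
            continue
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields


def parse_rfc2822(value):
    """Parse the RFC 2822 date format Release files use into an aware UTC datetime."""
    dt = email.utils.parsedate_to_datetime(value)
    if dt.tzinfo is None:  # a '-0000' zone yields a naive datetime; treat it as UTC
        dt = dt.replace(tzinfo=timezone.utc)
    return dt.astimezone(timezone.utc)


def check_release_freshness(text, now, max_age=timedelta(days=7),
                            skew=timedelta(minutes=5)):
    """Decide whether signature-verified Release metadata is current enough to use.

    Returns (accepted, reason). A valid signature proves the file came from the
    archive key; these checks prove it is *recent*, which is exactly what a
    frozen or stale mirror cannot fake without the signing key.
    """
    fields = parse_release_fields(text)
    if "Date" not in fields:
        return False, "missing Date field"
    try:
        date = parse_rfc2822(fields["Date"])
    except (TypeError, ValueError):
        return False, "unparsable Date field"
    if date > now + skew:
        return False, "Date is in the future (clock skew or bad metadata)"
    if "Valid-Until" in fields:
        try:
            valid_until = parse_rfc2822(fields["Valid-Until"])
        except (TypeError, ValueError):
            return False, "unparsable Valid-Until field"
        if now > valid_until:
            return False, "Valid-Until has passed: mirror is stale or frozen"
    elif now - date > max_age:
        return False, "no Valid-Until and Date is older than max_age"
    return True, "metadata is current"


if __name__ == "__main__":
    for now in (utc(2005, 8, 28), utc(2005, 9, 10)):
        print(now.date(), check_release_freshness(SAMPLE_RELEASE, now))
```

The `max_age` fallback matters for archives without an expiry field: without it, a client has no bound at all on how old "valid" metadata may be. The whole check is only meaningful if `now` comes from a clock the attacker cannot also freeze, which is the dependency on a trustworthy time source that the reply points out.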


