[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bad press again...

On Sat, 27 Aug 2005, Henrique de Moraes Holschuh wrote:
> For this to work, you need a master s.d.o mirror, and automatic signing (so
> that you can keep the timestamping as low as a few hours).  This gives you a
> mirror network, with the same single "owning" point of failure we have right
> now.

Add to it requiring messages to have more than one signature, so that the
sec. team remains the single one point of failure for .deb injection.

The point about secure time keeping is a good one, and the perfect solution
(an authenticated ntp server) ain't doable.  So, we'd have to rely on the
user being capable of keeping his clock accurate and noticing if it is off
by too much with some prompting by apt.  Not a perfect solution at all :(

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh
Reply to: