[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Check for revocation certificates before running apt-get?

On Mon, Dec 16, 2013 at 1:34 PM, adrelanos wrote:

> I am wondering how excited the apt developers would be about adding a
> bash script to their app. I'll see how far I get and contact them when
> there is something to talk about.

I suppose POSIX shell would be preferable.

> Imagine for a moment, you would like my implementation... Then, would
> you suppose to activate this by default in Debian?

Not sure, but the feature should at least be present even if it is
disabled by default...

> In that case, can the keyservers handle the load from the mass of Debian
> and its derivatives users? Should we ask keyserver operators or on gnupg
> mailing list if that is a fine idea?

Zero idea, best ask indeed.

> What PPAs you're using isn't a secret anyway, since apt traffic isn't
> encrypted. If you want to hide which PPAs you're using and which signing
> keys you're refreshing, I think it's best to route all that traffic over
> Tor. I don't understand the benefit in selectively routing key fetches
> of signing keys over Tor while leaving the rest in the clear.

That makes sense.

>> Add a system daemon for parcimonie
>
> But parcimonie already has a system daemon?

AFAICT it only has a per-user daemon.

-- 
bye,
pabs

http://wiki.debian.org/PaulWise
Reply to: