Re: Packages debian needs

To: Marc Wilson <msw@cox.net>, debian-user@lists.debian.org
Subject: Re: Packages debian needs
From: Timothy Webster <tdwebste0@yahoo.com>
Date: Mon, 19 May 2003 17:35:51 -0700 (PDT)
Message-id: <[🔎] 20030520003551.99205.qmail@web21201.mail.yahoo.com>
In-reply-to: <[🔎] 20030519205628.GC1941@moonkingdom.net>

--- Marc Wilson <msw@cox.net> wrote:
> On Sun, May 18, 2003 at 07:51:16PM -0700, Timothy
> Webster wrote:
> > 3) Debian packages from peer to peer networks. 
> 
> You're kidding, right?  You *actually* want to
> retrieve packages from an
> unknown machine, from an unknown person, hand those
> packages root on your
> machine, and see what happens?

No I am not kidding. That is why we have package
signing. But you are right, we need to introduce a PKI
directory at some point to hold public signing keys.
With our current debian structure it wouldn't need to
be much of directory, since most packages are created
automatically with MD5 from maintainers. Buy the way
MD5 is not strong enough, so we need to upgrade to
secure signing.

Thanks good point. But isn't this somewhat the same
problem we currently have with unofficial debian and
to a lesser degree with mirrors.

> 
> How does this work better than the current mirror
> system?

This will greatly speed up subsequent local fetches
from other machines in the same or near networks.
Reduces the load on mirrors.

As an added advantage gives the peer to peer network
lots of legit traffic and speeds up debian downloads.

-tim

__________________________________
Do you Yahoo!?
The New Yahoo! Search - Faster. Easier. Bingo.
http://search.yahoo.com

Reply to:

Follow-Ups:
- Re: Packages debian needs
  - From: Colin Watson <cjwatson@debian.org>

References:
- Re: Packages debian needs
  - From: Marc Wilson <msw@cox.net>

Prev by Date: Re: M$ licenses Unix
Next by Date: Re: Backing up all files on hdd - dd'ing
Previous by thread: Re: Packages debian needs
Next by thread: Re: Packages debian needs
Index(es):
- Date
- Thread