Re: [RFC] General Resolution to deploy tag2upload
Hello,
On Wed 12 Jun 2024 at 09:44am +08, Sean Whitton wrote:
> The short answer is that the input to dak is a source package, not a git
> tag. And it's the latter that is signed by the maintainer, under
> tag2upload.
>
> A longer answer is that for dak to do that, it would need to reimplement
> all of tag2upload. As you will see from the design docs, we have
> carefully sandboxed the various stages of tag2upload's processing, for
> security isolation. It wouldn't make sense to implement all that again
> on dak. And indeed, the git-to-source-package processing should not
> happen on the same host where we have the master archive signing keys.
Let me withdraw this answer. I agree with Russ that what some
ftpmasters really meant with this objection was never clear, and that
it's better not to try to speak for them.
--
Sean Whitton