Re: [RFC] General Resolution to deploy tag2upload

To: Aigars Mahinovs <aigarius@debian.org>
Cc: Joerg Jaspert <joerg@debian.org>, Sean Whitton <spwhitton@spwhitton.name>, Helmut Grohne <helmut@subdivi.de>, Ansgar 🙀 <ansgar@43-1.org>, debian-vote@lists.debian.org
Subject: Re: [RFC] General Resolution to deploy tag2upload
From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Thu, 13 Jun 2024 12:03:36 +0100
Message-id: <[🔎] 26218.53768.727590.202351@chiark.greenend.org.uk>
In-reply-to: <[🔎] CABpYwDVJj6TnC3wXh1R9w8y+5LF5wPCkSseeD42bgKd_o0dSTQ@mail.gmail.com>
References: <[🔎] 87wmmvrubl.fsf@melete.silentflame.com> <[🔎] 1d18bfee6b3b6beec5a9804d1e879339f0edee90.camel@43-1.org> <[🔎] 20240612090822.GA3640953@subdivi.de> <[🔎] 26217.39029.509566.207415@chiark.greenend.org.uk> <[🔎] 871q51onxs.fsf@ganneff.de> <[🔎] 878qz9q1mm.fsf@melete.silentflame.com> <[🔎] 87plsln7as.fsf@ganneff.de> <[🔎] 874j9xmdd4.fsf@melete.silentflame.com> <[🔎] 26218.50052.107395.941498@chiark.greenend.org.uk> <[🔎] CABpYwDVJj6TnC3wXh1R9w8y+5LF5wPCkSseeD42bgKd_o0dSTQ@mail.gmail.com>

Aigars Mahinovs writes ("Re: [RFC] General Resolution to deploy tag2upload"):
> Correct me if I am wrong, but if we are looking at dgit.d.o as
> snapshot and audit log of the tag2upload service, would it not be
> beneficial for the auditing and back-tracing process to actually
> keep the code that someone tried to upload via tag2upload even if
> their key is revoked, expired or signature is invalid?

This is an interesting idea.  There are some potential trouble
vectors, there, though (eg, malicious people could cause the sytem to
store Bad Stuff).  And also it's not entirely straightforward to
implement because the system would need suitable access to whatever
the bad-uploads archive server is.

With the current design, it might be possible to retrieve the tag from
Salsa, perhaps with admin assistance, at least for a while.  That's
not great, but I'm hoping the need for this will be quite rare.

I think I would like to treat your suggestion as a possibility for
future enhancement, rather than something we'd have from day one.

Ian.

-- 
Ian Jackson <ijackson@chiark.greenend.org.uk>   These opinions are my own.  

Pronouns: they/he.  If I emailed you from @fyvzl.net or @evade.org.uk,
that is a private address which bypasses my fierce spamfilter.

Reply to:

References:
- [RFC] General Resolution to deploy tag2upload
  - From: Sean Whitton <spwhitton@spwhitton.name>
- Re: [RFC] General Resolution to deploy tag2upload
  - From: Ansgar 🙀 <ansgar@43-1.org>
- Re: [RFC] General Resolution to deploy tag2upload
  - From: Helmut Grohne <helmut@subdivi.de>
- Re: [RFC] General Resolution to deploy tag2upload
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Re: [RFC] General Resolution to deploy tag2upload
  - From: Joerg Jaspert <joerg@debian.org>
- Re: [RFC] General Resolution to deploy tag2upload
  - From: Sean Whitton <spwhitton@spwhitton.name>
- Re: [RFC] General Resolution to deploy tag2upload
  - From: Joerg Jaspert <joerg@debian.org>
- Re: [RFC] General Resolution to deploy tag2upload
  - From: Sean Whitton <spwhitton@spwhitton.name>
- Re: [RFC] General Resolution to deploy tag2upload
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Re: [RFC] General Resolution to deploy tag2upload
  - From: Aigars Mahinovs <aigarius@debian.org>

Prev by Date: Re: [RFC] General Resolution to deploy tag2upload [and 1 more messages]
Next by Date: Re: [RFC] General Resolution to deploy tag2upload
Previous by thread: Re: [RFC] General Resolution to deploy tag2upload
Next by thread: Re: [RFC] General Resolution to deploy tag2upload
Index(es):
- Date
- Thread