On Sunday, June 23, 2024 11:48:09 AM EDT Russ Allbery wrote:
> Scott Kitterman <debian@kitterman.com> writes:
> > First, as I understand the position of the FTP Masters involved in this
> > discussion (for clarity, I'm a non-delegated member of the FTP Team
> > (i.e. FTP Assistant)), their view is that determining if an upload is
> > from a person authorized to upload to the Debian archive is a function
> > that is within the scope of their delegated authority and the current
> > tag2upload proposal takes over that function.
>
> As mentioned in the summary, I believe we've found a resolution to this
> problem provided that the FTP team is willing to implement the protocol I
> described in dak, which Ansgar seemed supportive of. That allows them to
> do both the authentication and authorization check directly on the Git tag
> signed by the uploader, which means the trust extended to tag2upload is
> then almost precisely equivalent to the trust extended to a binary buildd:
> start from an independently-verified maintainer-signed thing and produce a
> build artifact.

I will confess having trouble keeping track of all the back and forth. After that, it was my impression that the press was on to deploy as is.

Regardless, I think the major point is that running on a DSA managed host doesn't necessarily equate to DSA running the service. I think who is going to run the tag2upload service and if some delegation for doing so is appropriate are both questions that aren't answered by DSA will run the host.

Scott K