Re: Bug#66542: apt: security features that would be nice in apt-get and related tools

To: "Bradley M. Kuhn" <bkuhn@ebb.org>, 66542-done@bugs.debian.org
Cc: APT Development Team <deity@lists.debian.org>
Subject: Re: Bug#66542: apt: security features that would be nice in apt-get and related tools
From: Jason Gunthorpe <jgg@ualberta.ca>
Date: Fri, 30 Jun 2000 20:09:22 -0600 (MDT)
Message-id: <[🔎] Pine.LNX.3.96.1000630200455.30430B-100000@wakko.deltatee.com>
In-reply-to: <[🔎] 20000630121944.A3845@ebb.org>

On Fri, 30 Jun 2000, Bradley M. Kuhn wrote:

> (0) It would be great if apt-get had a "security verbosity" flag.  I just
>     get a good feeling when I see something like:
>        m5sum from /var/lib/dpkg/available: xxxxxxx
>        m5sum from foo.deb:                 xxxxxxx
>                                            MATCH!

You are kidding right? Even GPG doesn't show the digests of the messages
it is checking!

> (1) It would be great if the package list (i.e., /var/lib/dpkg/available)
>     were somehow GPG signed by someone on the Debian keyring, and if the

This, in various forms has been proposed but cannot be implemented without
archive support which is somewhat complicated for alot of reasons.

Jason

Reply to:

References:
- Bug#66542: apt: security features that would be nice in apt-get and related tools
  - From: "Bradley M. Kuhn" <bkuhn@ebb.org>

Prev by Date: Re: Bug#66533: apt: Problem with virtual package dependencies
Next by Date: Re: Bug#66508: apt: apt-get leaves bad information in /var/lib/dpkg/available
Previous by thread: Bug#66542: apt: security features that would be nice in apt-get and related tools
Next by thread: Bug#66542: marked as done (apt: security features that would be nice in apt-get and related tools)
Index(es):
- Date
- Thread