Bug#203741: apt sigcheck patches
[ re-adding Isaac to CC ]
On Thu, 2003-08-21 at 15:33, Matt Zimmerman wrote:
> I would say that by default, it should go ahead and use the unsecured
> sources, but display a warning to the user. This is a change from "expect
> security only when explicitly requested" and "expect security by default".
> Because most software does (and will continue to) come from Debian proper,
> and thus will be signed, unofficial repositories will become the exceptional
> case, and I think this strategy can work.
Ok. Aj, do you agree?
There is something nagging me about this - I have a feeling that there
was a better reason we decided to put the source name in the
sources.list, but after briefly going over my apt-secure mail I don't
see it.
> A force option could be provided, but I think it would be better to make it
> a no-brainer for a source to be secured.
I agree with that.
> I think that per-release keys make more sense than per-year keys for this
> reason.
Ok - you will have to convince the ftpmasters too.
Just a note: I don't think I'll have much time to implement these
changes until late next week at the earliest. Probably later than that
actually. So if you beat me to it, that's great :)
Your changes will make the code significantly simpler, by the way.
Mostly the work will be deleting code. In fact it will almost be like
just adding the gpgv method.
Reply to: