
Bug#203741: apt-secure



We got kicked off IRC due to crappy wireless at this coffee shop, so
here are our thoughts:

First of all, despite what we were saying initially on IRC, if you're
prompting before the packages are actually downloaded, then there are no
problems with polluting the cache, no?

The other issue about displaying which sources (in addition to which
packages) were insecure is probably less pressing.

So if there is no cache problem, this seems quite doable for sarge. 
Some responses to your previous emails:

On Sun, 2003-09-07 at 16:10, Matt Zimmerman wrote:
> Oh, another thing.  The error/warning situation could probably use some
> cleanup.  While at this point, someone who installs the new code on an
> existing setup will continue to have a functional apt (with the addition of
> the confirmation question), but they will get a bunch of warnings from
> apt-get update as it tries to verify signatures and finds that it doesn't
> have a keyring (or maybe even gnupg).

We should have apt Depend: on gnupg, and also ship a default keyring
with the Debian ftp keys, perhaps with a prompt for whether or not to
trust the keys.

On Sat, 2003-09-06 at 21:46, Matt Zimmerman wrote:
> A couple of other things.
> 
> - It looks like pkgAcqIndexRel isn't used anymore.  If this is correct, I
>   think we should remove it.

I think this is still used for semi-obscure pinning purposes.  We should
probably try to merge that back into the main Release file.


> - I'm torn about how to handle the situation where a Release file is signed,
>   but the public key isn't available.  On one hand, I don't want to issue a
>   warning all the time, because I think it will be a normal situation.

This doesn't seem like a very normal situation - if you don't trust the
source, then you don't trust the source, and you should see a warning.



