| 1 |
begin quote |
| 2 |
On Wed, 24 Mar 2004 21:07:08 +0000 |
| 3 |
Chris Bainbridge <c.j.bainbridge@×××××.uk> wrote: |
| 4 |
|
| 5 |
> On Wednesday 24 March 2004 14:52, Paul de Vrieze wrote: |
| 6 |
> > It also more than quadruples the efforts needed for actually |
| 7 |
> > committing a |
| 8 |
> > change to an ebuild. As a start we can better have single signing |
| 9 |
> > that |
| 10 |
> > spending months on reorganization and devising a way to have |
| 11 |
> > practical |
| 12 |
> > multiple signing. |
| 13 |
> > |
| 14 |
> > The problem is that signing can be done today. Multiple signing will |
| 15 |
> > need |
| 16 |
> > probably at least a half year. |
| 17 |
> |
| 18 |
> You are making this way more complicated than it needs to be: |
| 19 |
> |
| 20 |
> 1. add a subdirectory (say .secure) to each directory in /usr/portage. |
| 21 |
> In this store a file containing a SHA hash for all files in the |
| 22 |
> parent dir(the files and directory file names; this could be done |
| 23 |
> using a pipe through tar): |
| 24 |
|
| 25 |
erm. Isn't the Manifest file in each directory good enough? |
| 26 |
Manifest.gpg can be generated at Manifest creation time, commited to cvs |
| 27 |
and so on.. The issue isn't there, the issue is the key validation. |
| 28 |
|
| 29 |
|
| 30 |
The issue we fear isn't one where the ACL's are blocked. its how do we |
| 31 |
protect each key? How do we mark a key as "good" and not, how do we |
| 32 |
have infrastructure to do this? What about a master signing key? How do |
| 33 |
we do that and make sure that doesn't go boom? |
| 34 |
|
| 35 |
the detail of what file to sign was solved ages ago ;) |
| 36 |
|
| 37 |
//Spider |
| 38 |
|
| 39 |
|
| 40 |
-- |
| 41 |
begin .signature |
| 42 |
Tortured users / Laughing in pain |
| 43 |
See Microsoft KB Article Q265230 for more information. |
| 44 |
end |
Archives