1 |
On Thu, Sep 29, 2011 at 12:23:08PM -0400, Mike Frysinger wrote: |
2 |
> On Thursday, September 29, 2011 11:11:59 Patrick Lauer wrote: |
3 |
> > On 09/29/11 17:04, Tony "Chainsaw" Vroon wrote: |
4 |
> > > On 29/09/11 16:02, Anthony G. Basile wrote: |
5 |
> > >> Is there any chance that we can agree to reject |
6 |
> > >> unsigned manifests? Possibly a question for the Council to adjudicate? |
7 |
> > > |
8 |
> > > I am happy to back a mandatory signing policy for the main gentoo-x86 |
9 |
> > > tree. This is a simple yes or no question that the council can vote on. |
10 |
> > |
11 |
> > As previously discussed it would be nice to have some basic key policies |
12 |
> > in place for that - they can be changed at any later time, but for now |
13 |
> > we could agree on basic parameters like, say - |
14 |
> > |
15 |
> > at least 1024bit key length |
16 |
> > at least 6 months validity from creation |
17 |
> > one or more algorithms (initially DSA signatures and SHA1 hashing) |
18 |
> |
19 |
> there's nothing to decide as it was already outlined long ago in the docs: |
20 |
> http://www.gentoo.org/proj/en/devrel/handbook/handbook.xml?part=2&chap=6 |
21 |
> |
22 |
> if you want to *refine* that, then that's a different issue. but the devs |
23 |
> already have all the info they need to start signing now. |
24 |
> -mike |
25 |
|
26 |
Well, there's a bit more to it than that. 'repoman' must enforce the usage |
27 |
of keys or die if it can't. Further, it needs to allow the selection of a |
28 |
key if it can't determine which to use. I was hit by this last |
29 |
night. Instead of dying and saying that I chose to sign but it couldn't |
30 |
determine which secret key to use (I recently generated a new key), it |
31 |
just disabled FEATURES="sign" and committed anyway. |
32 |
|
33 |
Also, the Dev Handbook only says 'can', it needs to be changed to |
34 |
'must'. I'd also drop the bit about expiration. Instead, I'd change it to |
35 |
read "expires no sooner than 6 months". You know, to give the key a moment |
36 |
to be recognized by some people, perhaps even marginally trusted by |
37 |
someone. What really matters is that it is an unexpired, valid key. |
38 |
|
39 |
-- |
40 |
Mr. Aaron W. Swenson |
41 |
Pseudonym: TitanOfOld |
42 |
Gentoo Developer |