| 1 |
On Monday 08 November 2004 17:14, Thierry Carrez wrote: |
| 2 |
> Last, your simple solution means work for the infrastructure team (to |
| 3 |
> change the rsync replication process, provide for CPU time to perform |
| 4 |
> the digest etc... And the portage team (testing and releasing extra |
| 5 |
> functionality controlled by a FEATURE most people won't activate |
| 6 |
> because it slows down the emerge sync process). Rephrasing your |
| 7 |
> proposal as : |
| 8 |
> |
| 9 |
> (1) infrastructure scripts to generate signed digest |
| 10 |
> (2) portage patches including the FEATURE of glocal verification |
| 11 |
> (3) hard data showing the performance hit server-side and client-side |
| 12 |
> |
| 13 |
> would certainly help us. It's not your job to do an implementation |
| 14 |
> proposal ? That's the "Gentoo team" job ? Man, get real. Gentoo is a |
| 15 |
> community distribution. The "Gentoo team" cannot do everything, it |
| 16 |
> needs user support. And yes, even posting a small script helps. |
| 17 |
|
| 18 |
You're even forgetting number (4), a single master key is extremely |
| 19 |
sensitive to compromise. The biggest risk (that of the master sync server |
| 20 |
being compromised) is not being addressed, and your proposal does not |
| 21 |
handle the reliable revocation of such a key. And don't forget that the |
| 22 |
master key must be passphraseless as signing needs to happen very often. |
| 23 |
|
| 24 |
Paul |
| 25 |
|
| 26 |
-- |
| 27 |
Paul de Vrieze |
| 28 |
Gentoo Developer |
| 29 |
Mail: pauldv@g.o |
| 30 |
Homepage: http://www.devrieze.net |
Archives