Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Robin H. Johnson (robbat2)" <robbat2@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo commit in users/robbat2/tree-signing-gleps: 01-distribution-process-security
Date: Thu, 09 Oct 2008 21:33:14
Message-Id: E1Ko38C-0008Im-1H@stork.gentoo.org
1 robbat2 08/10/09 21:33:12
2
3 Modified: 01-distribution-process-security
4 Log:
5 Fix sentence structure.
6
7 Revision Changes Path
8 1.22 users/robbat2/tree-signing-gleps/01-distribution-process-security
9
10 file : http://sources.gentoo.org/viewcvs.py/gentoo/users/robbat2/tree-signing-gleps/01-distribution-process-security?rev=1.22&view=markup
11 plain: http://sources.gentoo.org/viewcvs.py/gentoo/users/robbat2/tree-signing-gleps/01-distribution-process-security?rev=1.22&content-type=text/plain
12 diff : http://sources.gentoo.org/viewcvs.py/gentoo/users/robbat2/tree-signing-gleps/01-distribution-process-security?r1=1.21&r2=1.22
13
14 Index: 01-distribution-process-security
15 ===================================================================
16 RCS file: /var/cvsroot/gentoo/users/robbat2/tree-signing-gleps/01-distribution-process-security,v
17 retrieving revision 1.21
18 retrieving revision 1.22
19 diff -p -w -b -B -u -u -r1.21 -r1.22
20 --- 01-distribution-process-security 9 Oct 2008 21:11:21 -0000 1.21
21 +++ 01-distribution-process-security 9 Oct 2008 21:33:11 -0000 1.22
22 @@ -1,7 +1,7 @@
23 GLEP: xx+1
24 Title: Security of distribution of Gentoo software - Infrastructure to User distribution - MetaManifest
25 -Version: $Revision: 1.21 $
26 -Last-Modified: $Date: 2008/10/09 21:11:21 $
27 +Version: $Revision: 1.22 $
28 +Last-Modified: $Date: 2008/10/09 21:33:11 $
29 Author: Robin Hugh Johnson <robbat2@g.o>,
30 Status: Draft
31 Type: Standards Track
32 @@ -52,8 +52,8 @@ No other guarantees, either implicit or
33
34 Additionally, distributing a set of the most recent MetaManifests from a
35 trusted source allows validation of trees that come from community
36 -mirrors, and allows detection of malicious (either by deliberate delay,
37 -replay [C08a, C08b] or alteration community mirrors.
38 +mirrors, and allows detection of all cases of malicious mirrors (either
39 +by deliberate delay, replay [C08a, C08b] or alteration).
40
41 =============
42 Specification
43 @@ -228,7 +228,7 @@ for a recent timeframe (eg one week) sho
44 "MetaManifest.$TS", where $TS is the timestamp from inside the file.
45 The most recent MetaManifest should always be symlinked as
46 MetaManifest.current. The possibility of serving the recent
47 -MetaManifests via HTTPS should also be explored to mitigate MITM
48 +MetaManifests via HTTPS should also be explored to mitigate MitM
49 attacks.
50
51 The package manager should obtain MetaManifest.current and use it to
Report Message
Find on MARC Find on Google Groups