1 |
On 04/30/04 John Davis wrote: |
2 |
|
3 |
> Portage enhancements are a tough one. I know that genone has emerge |
4 |
> security almost there and GPG manifest signing is somewhere in the |
5 |
> middle (need verification here). The problem in making these release |
6 |
> guidelines is the fact that they are totally dependent on 2 people's |
7 |
> time and work. Releng does not have control over whether or not these |
8 |
> can be completed, so putting them on the feature list usually ends up |
9 |
> being an exercise in futility. If some people are willing to help out |
10 |
> carpaski and genone, then I will add it to the list, but if they are |
11 |
> left implementing and testing these two rather substantial features |
12 |
> themselves, I am not adding them to the list. |
13 |
|
14 |
Ok, guess I should repeat that the most important thing for GPG signing |
15 |
(actually the missing part is verification) that's still missing is a |
16 |
key policy: where to store keys, how to check if they are trustworthy |
17 |
and so on. If we can agree on a simple and effective solution there it |
18 |
shouldn't be too difficult to implement this feature (talking about code |
19 |
here, not the tree). The last time we had a way too long thread with way |
20 |
too many details and discussions about problem scenarios, please let's |
21 |
try to avoid that. |
22 |
And to get everyone on track I'll start with a very simple proposal |
23 |
(idea stolen from Spanky IIRC), I won't say that it's really effective |
24 |
though: |
25 |
- keys are stored in a keyring and are installed by an ebuild |
26 |
- a key is trustworthy if it is in that keyring |
27 |
- expiration is handled by removing the key from that keyring |
28 |
- each modification to the keyring involves a version bump on the ebuild |
29 |
That's about the easiest for implementation and doesn't require anything |
30 |
new for our infrastructure or key-signing-sessions. It does not say who |
31 |
will manage that keyring though as that is not important for the |
32 |
implementation. I'm pretty sure that the idea has a number of flaws, but |
33 |
we have to start somewhere. |
34 |
|
35 |
Marius |
36 |
|
37 |
-- |
38 |
Public Key at http://www.genone.de/info/gpg-key.pub |
39 |
|
40 |
In the beginning, there was nothing. And God said, 'Let there be |
41 |
Light.' And there was still nothing, but you could see a bit better. |