Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-dev

From: Duncan <1i5t5.duncan@×××.net>
To: gentoo-dev@l.g.o
Subject: [gentoo-dev] Re: Devmanual text on ChangeLogs
Date: Sun, 01 May 2011 23:24:49
Message-Id: pan.2011.05.01.23.23.40@cox.net
In Reply to: Re: [gentoo-dev] Devmanual text on ChangeLogs by Markos Chandras
1 Markos Chandras posted on Sun, 01 May 2011 23:49:06 +0100 as excerpted:
2
3 > On Sun, May 01, 2011 at 03:33:25PM -0700, Brian Harring wrote:
4 >> On Sun, May 01, 2011 at 10:08:31PM +0100, Markos Chandras wrote:
5 >>> Since most ( if not all ) of us use the same message on the Changelog
6 >>> and on the commit log, it probably worth the effort of having the
7 >>> rsync servers create the Changelogs before populate the portage tree.
8
9 >> This opens up a bit of nastyness; either the service would have to
10 >> resign all manifests (which defeats a fair bit of the signing intent),
11 >> or ChangeLog's would have to pulled in full from cvs, generated
12 >> strictly server side (else manifest will have stale chksums for it),
13 >> and ChangeLog will have to exist outside of all validation.
14
15 > Thats a fair point but the way I see it we need to make a balanced
16 > choice. Obviously is not feasible to have the rsync servers resign
17 > everything. [But] having all the gpg keys on the rsync servers [...]
18 > doesn't look that smart to me.
19
20 > Leaving Changelogs unprotected might be a bit of a trouble but it
21 > certainly is not that big a deal. Nothing serious can happen if someone
22 > hijacks a plain text file.
23
24 > In case people want to ensure end-to-end point integrity, we can use
25 > a separate GPG key for the rsync server. However, this will make our GPG
26 > keys useless, and having a single key to sing 10.000 Manifest files does
27 > not look good either.
28
29 What about having a dedicated server-based changlog-signing key? That's
30 still a lot of signing with a single key, but as you observed, the hazards
31 of a loss of integrity there aren't as high as with most of the tree
32 content. It'd require changes, but I don't believe they're out of line
33 with that required for the rest of the proposal.
34
35 --
36 Duncan - List replies preferred. No HTML msgs.
37 "Every nonfree program has a lord, a master --
38 and if you use the program, he is your master." Richard Stallman

Replies

Subject Author
Re: [gentoo-dev] Re: Devmanual text on ChangeLogs Brian Harring <ferringb@×××××.com>
Report Message
Find on MARC Find on Google Groups