1 |
On Tue, Oct 05, 2010 at 05:53:50PM -0400, James Cloos wrote: |
2 |
> >>>>> "RHJ" == Robin H Johnson <robbat2@g.o> writes: |
3 |
> |
4 |
> RHJ> Some more issues for you: |
5 |
> RHJ> 1. Increases the size of the Manifest by a minimum of 710 bytes _per_ |
6 |
> RHJ> file. (4 bytes for 'GPG ', 700-900 for the hash, 1 for the field space, 5-12 bytes for the |
7 |
> RHJ> trailer). |
8 |
> RHJ> 1.1. 55907 Manifest2 entries need this signing, so that's a ~38MiB |
9 |
> RHJ> increase in the tree size. |
10 |
> RHJ> 2. Impossible to validate without Portage itself, or at least another |
11 |
> RHJ> tool to convert the signature back into a form readable by GnuPG. |
12 |
> |
13 |
> >From the standpoint of someone using Gentoo to Get Work Done: |
14 |
> RMD160 and SHA1 just waste space. SHA2 is sufficient non-encrypted |
15 |
> hashing. |
16 |
Please read the tree-signing GLEPs. This is already coming up, the GLEPs |
17 |
included the migration window for it. |
18 |
|
19 |
> Put distfile sigs in $DISTDIR or $FILESDIR. They are just too large |
20 |
> for a line-per-entry file. |
21 |
$DISTDIR is an interesting idea. $FILESDIR costs too many inodes. |
22 |
|
23 |
> Include the signing keyid in the filename to support both allowing |
24 |
> multiple devs to sign a file and an easy indication of who signed it. |
25 |
You can extract keyid from any signature trivially. |
26 |
|
27 |
> Have portage note in the ebuild log what was signed, by what key, and |
28 |
> whether the sigs were true. |
29 |
zmedico: can we include this in the repoman commit sig? |
30 |
|
31 |
> Make failing on a bad sig optional (per overlay?) and make sure that |
32 |
> even when portage /is/ configured to fail on a bad sig that it only |
33 |
> fails that one package and anything in the current set which depends |
34 |
> on that version of the failed package. Don't stop everything just |
35 |
> because /one/ package has a problem. |
36 |
This is already controllable. |
37 |
|
38 |
> And think about a way to sign Changelog entries. |
39 |
We wanted commit-signing with the git migration... |
40 |
|
41 |
-- |
42 |
Robin Hugh Johnson |
43 |
Gentoo Linux: Developer, Trustee & Infrastructure Lead |
44 |
E-Mail : robbat2@g.o |
45 |
GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 |