| 1 |
On 03/25/11 15:15, Torsten Veller wrote: |
| 2 |
> * Mike Frysinger <vapier@g.o>: |
| 3 |
>> On Thu, Mar 24, 2011 at 8:09 PM, Antoni Grzymala wrote: |
| 4 |
> [Manifest signing] |
| 5 |
>>> Does that get us any closer to GLEPs 57, 58, 59 (or generally |
| 6 |
>>> approaching the tree-signing/verifying group of problems)? |
| 7 |
>> |
| 8 |
>> yes |
| 9 |
> |
| 10 |
> I think, it's a "no". |
| 11 |
> The MetaManifest GLEP relies on a signed top-level "MetaManifest" which |
| 12 |
> hashes all sub Manifests, whether they are signed or not doesn't matter. |
| 13 |
|
| 14 |
I'd say that those are two independent issues. But by starting to figure |
| 15 |
out how to force signed commits for everyone we at least get the |
| 16 |
infrastructure done. |
| 17 |
|
| 18 |
As long as we have no strict guidelines I don't see any advantage of |
| 19 |
using signed commits, so I've never used them. Getting a coherent policy |
| 20 |
for that sounds like a really good idea |
| 21 |
(key length, expiry time, availability on keyservers etc.) |
| 22 |
> |
| 23 |
> I don't see a major advantage to signed portage snapshots we already |
| 24 |
> offer today. |
| 25 |
> |
| 26 |
> |
| 27 |
> Do you want to reject signed commits if |
| 28 |
> - keys are not publicly available [1] |
| 29 |
> - signatures are from expired keys [2] |
| 30 |
> - keys are revoked [3] |
| 31 |
> - keys are not listed in userinfo.xml (current or former devs) [4] |
| 32 |
|
| 33 |
Yes, yes, yes, and yes :) |
| 34 |
But since we don't have policies in place yet it's a bit of a mess right |
| 35 |
now. |
| 36 |
|
| 37 |
So. What parameters do we need to agree on? |
| 38 |
|
| 39 |
And what's a realistic timeframe *if* we decide to go ahead with it? |
| 40 |
|
| 41 |
Waiting for good answers :) |
| 42 |
|
| 43 |
Patrick |
| 44 |
-- |
| 45 |
Patrick Lauer http://service.gentooexperimental.org |
| 46 |
|
| 47 |
Gentoo Council Member and Evangelist |
| 48 |
Part of Gentoo Benchmarks, Forensics, PostgreSQL, KDE herds |
Archives