-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wednesday 24 March 2004 00:36, Jesse Nelson wrote:
> So a dev key would be revoked by a sync on a file containing a list
> of dev keys? What if I compromise an rsync server and a developer's
> box. This isn't that far-fetched a scenario. I get access to a dev key
> and I stop a server from updating the signed key sigs file.

That's why the signing key needs to be short-lived. Basically, if the
signing key is valid for 1 day, the list of dev keys becomes invalid
after a day. That would halt the rsync part of the problem. Of course it
would still be a compromise and we would need to check all files signed
by the key, but that would be needed anyway as it is unlikely we can stop
the intrusion at the moment it happens.

> This also doesn't begin to solve the rogue developer problem (though that's
> not the goal of this I guess).

There is no way to stop this before that person is identified in any
case. After this person is identified his keys will be revoked and all
the packages signed by him/her are invalid. They will need to be
re-signed by someone else to be valid again.

> IMHO every package needs 2 pairs of eyes before getting released (2 dev
> sigs + sign key), but there are procedural and time constraints that will
> probably prevent that from ever happening.

That is a QA issue, but would not change the basic infrastructure. I
think we should first discuss single signatures and only then discuss
multiple signatures.

Paul

- --
Paul de Vrieze
Gentoo Developer
Mail: pauldv@g.o
Homepage: http://www.devrieze.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAYWS9bKx5DBjWFdsRAr7cAKDdO71+8LiHg9KR2E1pZp7QyqAVvQCgrOXY
EPRjTlCzStpL5DNQCKh8T8U=
=INcS
-----END PGP SIGNATURE-----

--
gentoo-dev@g.o mailing list
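The verification logic Paul describes (a developer key list signed by a short-lived key, so a stale list served by a stalled mirror stops validating after a day, and packages signed by a revoked key fail until re-signed), written out as an added example that is not part of the thread or of Gentoo's tooling. HMAC-SHA256 stands in for the PGP signatures so it runs offline, and the validity window is carried inside the signed list body rather than on the signing key itself; `make_keylist`, `verify_package` and all key and package data are constructed for the example.

```python
import hmac, hashlib, json
from datetime import datetime, timedelta, timezone

# Constructed stand-in: HMAC-SHA256 plays the role of the detached PGP
# signature. What is demonstrated is the validity window on the key list
# and the membership check, not the signature algorithm.
def sign(key, payload):
    return hmac.new(key, payload, hashlib.sha256).hexdigest()

def sig_ok(key, payload, sig):
    return hmac.compare_digest(sign(key, payload), sig)

def make_keylist(signing_key, dev_ids, issued, lifetime=timedelta(days=1)):
    """Sign the list of trusted developer key ids; the expiry stands in
    for the one-day lifetime of the signing key itself (assumption)."""
    body = json.dumps({"dev_keys": sorted(dev_ids),
                       "expires": (issued + lifetime).isoformat()}).encode()
    return {"body": body, "sig": sign(signing_key, body)}

def sign_package(dev_keys, signer, data):
    return {"signer": signer, "data": data, "sig": sign(dev_keys[signer], data)}

def verify_package(pkg, keylist, signing_key, dev_keys, now):
    """Return 'ok' or the reason the package must be rejected."""
    if not sig_ok(signing_key, keylist["body"], keylist["sig"]):
        return "keylist: bad signature"
    meta = json.loads(keylist["body"])
    if now >= datetime.fromisoformat(meta["expires"]):
        return "keylist: expired"            # stale copy from a stalled mirror
    if pkg["signer"] not in meta["dev_keys"]:
        return "package: signer revoked"     # key dropped from the current list
    if not sig_ok(dev_keys[pkg["signer"]], pkg["data"], pkg["sig"]):
        return "package: bad signature"
    return "ok"

def scenario():
    """Walk through the compromise discussed in the thread (constructed data)."""
    signing_key = b"short-lived-signing-key"
    dev_keys = {"devA": b"key-of-dev-a", "devB": b"key-of-dev-b"}
    t0 = datetime(2004, 3, 24, tzinfo=timezone.utc)
    later = t0 + timedelta(days=2)
    old_list = make_keylist(signing_key, list(dev_keys), t0)   # devA still trusted
    new_list = make_keylist(signing_key, ["devB"], later)      # devA revoked
    pkg_a = sign_package(dev_keys, "devA", b"ebuild-1")        # signed by compromised key
    pkg_b = sign_package(dev_keys, "devB", b"ebuild-1")        # re-signed by someone else
    return {
        "day0_fresh":     verify_package(pkg_a, old_list, signing_key, dev_keys, t0),
        "stale_mirror":   verify_package(pkg_a, old_list, signing_key, dev_keys, later),
        "revoked_signer": verify_package(pkg_a, new_list, signing_key, dev_keys, later),
        "resigned":       verify_package(pkg_b, new_list, signing_key, dev_keys, later),
    }
```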