Gentoo Archives: gentoo-security

From: Paul de Vrieze <pauldv@g.o>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] Re: Re: Re: Gentoo TOTALLY secure now!!!!!!!!!!!!!!!!
Date: Thu, 11 Nov 2004 20:57:16
Message-Id: 200411112156.52274.pauldv@gentoo.org
In Reply to: [gentoo-security] Re: Re: Re: Gentoo TOTALLY secure now!!!!!!!!!!!!!!!! by Chris Frey
1 On Thursday 11 November 2004 19:49, Chris Frey wrote:
2 > In another post, you asked whether we expect the devs to drop everything to
3 > implement the checking in emerge sync. I certainly don't expect that.
4 > Once the signatures are available from the server, any user can use them
5 > and write their own code to do the checks. The signature is all we need.
6
7 Unfortunately this is not true. There are a number of requirements for the
8 solution that is finally implemented. Most of the problems are
9 organizatorial, not technical:
10 - There must be a way to ensure that all files in the tree are signed / no dev
11 commits unsigned manifests anymore
12 - There must be a way to get the list of valid dev keys.
13 - The lifetime of the validness of the dev key list must be short to allow for
14 added devs and compromised keys.
15 - The key(s) used to sign the key list must be secure in some way and trusted
16
17 Besides this the key list must be assembled and maintained. At some point also
18 manifests must be resigned because their keys are invalidated. Those
19 manifests must be automatically identified.
20
21 Paul
22
23 --
24 Paul de Vrieze
25 Gentoo Developer
26 Mail: pauldv@g.o
27 Homepage: http://www.devrieze.net

Replies

Subject Author
[gentoo-security] Re: Re: Re: Re: Gentoo TOTALLY secure now!!!!!!!!!!!!!!!! Chris Frey <cdfrey@×××××××××.ca>