1 |
On Wednesday 10 November 2004 13:35, Chris Frey wrote: |
2 |
> On Tue, Nov 09, 2004 at 09:05:41PM -0500, Denis Roy wrote: |
3 |
> > > not prompted the beginning of a new initiative in signing the tree |
4 |
> > |
5 |
> > because that was already underway. I very much doubt that it'll speed |
6 |
> > up the progress made on that initiative, because the main limiting |
7 |
> > factor is time. No matter what is said here, it's not going to make |
8 |
> > anybody go out and quit their jobs in order to get tree signing |
9 |
> > implemented quicker. |
10 |
> |
11 |
> The problem with phrasing it this way is that it implies there is only |
12 |
> one way to address this issue. It may be true that Gentoo has decided |
13 |
> on only one way to address the issue, but there are other ways to do it. |
14 |
|
15 |
A large part of the 1.5 years was spent discussing the best solution - threads |
16 |
not unsimilar to this one. Even to the end, there were still people bringing |
17 |
up the point that signing doesn't protect against wayward developers. Even |
18 |
so, after reveiwing all the points a decision was reached because most agreed |
19 |
that something needed to be done. |
20 |
|
21 |
> The current development effort that is underway is not one that can be |
22 |
> implemented overnight, but there is a solution that manages to satisfy |
23 |
> the core needs of this thread that can be implemented overnight. |
24 |
|
25 |
I would advise everybody to read through aforementioned discussions in the |
26 |
archives of gentoo-dev@g.o before persuing this. Something that |
27 |
appears so simple as this on the surface still has a number of sharp edges. |
28 |
The infrastructure team would have to do some careful planning and possibly |
29 |
restructing of job control on the master rsync and cvs servers. The portage |
30 |
team would need to implement support for verifying the signature is valid. |
31 |
Whoever else would have to plan and implement distribution of this |
32 |
all-powerful key. |
33 |
|
34 |
But it doesn't stop there. Following this would be plan of action for the case |
35 |
that the all-powerful key is compromised. Then there is also the up to six |
36 |
month transition period between this solution and the solution that is |
37 |
currently being implemented. That also requires careful planning and |
38 |
implementation. So.. adding this simple solution now actually more than |
39 |
doubles the amount of work that needs to be done down the track. |
40 |
|
41 |
Regards, |
42 |
Jason Stubbs |
43 |
|
44 |
-- |
45 |
gentoo-security@g.o mailing list |