On Fri, 9 Mar 2001, Ben Collins wrote: > > Then IMHO they are not very worthwhile. When the best Debian can do is say > > 'all packages are signed by one of these 800 keys' :P > > That's why the package should also get signed by the same dinstall key > that signs the release sig :P
Debian can't do that because of our mirror network. > Of course, which is why I said that the two compliment each other. If you really think that then let debsigs handle the things it is good at and focus on that. I don't think the current dpkg patch has that kind of focus. > You keep arguing as if anyone thinks that the .deb sig is trying to do > things that the release sig was meant to do. That is not the case. Stop You accused me of never defining "obsolete attacks". The above is the example I have given several times. > arguing against weak points of signing deb's compared to strong points > of having a release sig. The two work together. Where one fails the I did not make a value judgement, I answered your question :P > other picks up. It's not a competition Jason, it's a cooperative effort > here. No one is trying to step on any toes. I have consistently maintained the viewpoint that deb signatures allow fine grained, highly paranoid security checking when used by a skilled user. What I dispute is that they can be automated for use by Debian and realize anything but a minor security increase. To me this dpkg patch in its current form is exactly that sort of automation and I think it gives a bad impression to our users. Jason
