On Wed, Jul 26, 2006 at 05:06:27PM +0100, martin f krafft wrote:
> also sprach Marc Haber <[EMAIL PROTECTED]> [2006.07.26.1632 +0100]:
> > While we're at it, I am very much in favor that we start accepting
> > binary package signatures again. We were on the right way to assure
> > package integrity on a package level when our archive suddenly stopped
> > accepting signed binary packages.
>
> Where's the added benefit if our archive serves binaries with
> signatures? I am actually in favour of this, but I do remember that
> this was the question neuro threw back at me when I brought it up in
> Mexico.

It is much easier to verify package integrity since the signature is directly on the binary package. It works for out-of-tree software, and it helps just in case you are too paranoid to trust ftpmaster.

I remember that back in the days of the 2003 compromise, ftpmaster was - as usual - less than cooperative towards the people who wanted to do their own verification of archive integrity. For example, if I remember correctly, the question whether the automatic archive signing key was stored on one of the compromised boxes was never clearly answered.

Secure apt has greatly improved things (with secure apt, one does not any more need the changes files to verify the archive, IIRC), but I still feel more comfortable if the more distributed model of binary packages signed by the builder were supported again.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mail address in header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 72739835

