On Thu, 2008-01-03 at 15:31 -0600, Michael E Brown wrote:
> So let's see if we can work this out.
>
> It looks to me like the goal of adding gpg key support is to add some
> stricter security guarantees around mock builds. It would be nice if you
> could codify exactly what you think the security guarantee should look
> like, and what are the possible attack vectors against this. This should
> guide us in resolving this.
>
> Yum uses urllib underneath to download stuff. I assume it would support
> https, but I don't know anything about how it verifies certificates.
>
it uses urlgrabber which uses urllib[2] underneath. ssl connections specific ca to focus on.

but what does this have to do with gpg certs? gpg certs aren't ssl certs.

-sv

--
Fedora-buildsys-list mailing list
https://www.redhat.com/mailman/listinfo/fedora-buildsys-list
