On Thu, Jan 03, 2008 at 04:57:45PM -0600, Michael E Brown wrote:
> On Thu, Jan 03, 2008 at 05:22:27PM -0500, seth vidal wrote:
> >
> > On Thu, 2008-01-03 at 23:18 +0100, Till Maas wrote:
> > > On Do Januar 3 2008, seth vidal wrote:
> > >
> > > > it uses urlgrabber which uses urllib[2] underneath. ssl connections
> > > > specific ca to focus on.
> > > >
> > > > but what does this have to do with gpg certs? gpg certs aren't ssl
> > > > certs.
> > >
> > > When yum (rpm?) verifies ssl certificates for https urls to acquire
> > > gpgkeys, it is possible to use these urls in the mock config, without
> > > losing (much) security.
> >
> > too many options here:
> > 1. rpm has nothing to do, in yum, with downloading gpg keys or packages.
> > 2. you want to use an ssl cert to verify the location we're retrieving
> > the gpg keys from? And you want to use a special CA to guarantee we have
> > the right one?
> > 3. What's the LOSS of security you're worried with?
>
> I believe that Till is concerned with establishing a chain-of-trust so
> that we know the output RPMs from mock are good. This chain starts at
> the mock binary and goes to the mirror we download the RPMs from for the
> chroot. We have to have a way to know that what we are downloading from
> the mirror has not been compromised in any way.
>
> Till, from a maintenance standpoint, I favor simply adding an https url
> for the gpg keys. From a security perspective, it would most likely be
> best if mock included the respective keys.
>
> If mock is going to include keys, you should name them after the
> respective mock configs so it is easy to see when we can drop specific
> keys. RPM-GPG-KEY-fedora-8-x86_64 or something similar.

Looking at this further, not a *huge* deal, but if you add the actual files to the mock rpm, this will break my unit tests unless you manually copy the files into place before running the tests.

--
Michael
