On Thursday 08 January 2004 08:12, John Nilsson wrote:
> > Uh, how silly. Either you trust someone with the whole tree or you
> > don't trust them at all.
>
> Why not build something around a "web of trust" with pgp signatures?
> Have an open tree where people could submit anything that passed
> autotests. All submissions would be signed. Signed content could only
> get updated by a user with the same signature or a dev with higher trust for
> that area.
> This does not help at all for initial submissions. It allows anyone who knows how to create a pgp key to get something in the tree. However, if you make some nuances to this idea, I think it could be workable.
This was kind of the idea... In the future I would like a system where any developer can publish their project as an ebuild, just as one would put an rpm or install script on the web today.
Point being that some submissions would be screened by core devs and signed by them. Some trusted signatures would be signed by core devs. When the infrastructure is up, the decision to trust an ebuild is entirely up to the sys-admin: latest and greatest with a serious security risk, or only ebuilds trusted by core devs.
I also see the portage tree evolving from a big hunk of files mirrored all over the place into a web in its own right.
/John