Zac Medico:
> On 03/06/2015 09:50 AM, Mark Kubacki wrote:
>> We're on the same side here.
>>
>> Do we have numbers showing the ratio "portage used with defaults" vs.
>> where "[webrsync-gpg] is described in many hardening guides for gentoo
>> and widely used among the security conscious" applies?
>>
>> DNS not being encrypted is just painting the whole picture. Point is,
>> the default is that "emerge --sync" results in a transfer using RSYNC
>> (or http).
>>
>> And by default you cannot compare the result with any authoritative source.
>>
>
> Ideally, we can rely on security mechanisms built into git [1], possibly
> involving signed commits.
>
> [1] https://github.com/gentoo/gentoo-portage-rsync-mirror
Then the question is, how secure are signatures when used with git?

A while ago I wrote a blog post asking that question, referencing a lot of related information, started a discussion and also posted this on the git mailing list.

"How safe are signed git tags? Only as safe as SHA-1 or somehow safer?" [1] [2]

Cheers,
Patrick

[1] https://www.whonix.org/blog/how-safe-are-signed-git-tags-only-as-safe-as-sha-1-or-somehow-safer
[2] http://www.mail-archive.com/[email protected]/msg61087.html
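The thread stops at the question of what a signed git tag actually binds. As an added illustration, not code from this thread, from Gentoo or from git itself, the Python below reproduces git's object hashing (SHA-1 over "type length\0body") for a blob, tree, commit and annotated tag, then splits the tag into the signed payload and the embedded signature the way `git tag -v` does. It shows that the signed bytes name the commit only by its 40-hex SHA-1, so the signature's reach into the tree contents is exactly the collision resistance of SHA-1. Author names, timestamps and the PGP signature block are constructed placeholders; a real verifier checks the signature over the payload with GnuPG before the hash comparison shown here.

```python
import hashlib


def git_object_id(kind: str, body: bytes) -> str:
    """SHA-1 of a git object computed the way git does: '<kind> <len>\\0' + body."""
    header = f"{kind} {len(body)}\0".encode()
    return hashlib.sha1(header + body).hexdigest()


def tree_entry(mode: str, name: str, oid_hex: str) -> bytes:
    """One raw tree entry: '<mode> <name>\\0' followed by the 20 binary SHA-1 bytes."""
    return f"{mode} {name}\0".encode() + bytes.fromhex(oid_hex)


def split_signed_tag(tag_body: bytes):
    """Separate the signed payload from the appended signature, as 'git tag -v' does.

    Returns (payload, signature); signature is None for an unsigned tag.
    """
    marker = b"-----BEGIN PGP SIGNATURE-----"
    idx = tag_body.find(marker)
    if idx == -1:
        return tag_body, None
    return tag_body[:idx], tag_body[idx:]


def referenced_object(payload: bytes) -> str:
    """Return the object id named on the tag payload's first line ('object <sha1>')."""
    first = payload.split(b"\n", 1)[0]
    kind, _, oid = first.partition(b" ")
    if kind != b"object" or len(oid) != 40:
        raise ValueError("tag payload does not start with an 'object <sha1>' line")
    return oid.decode()


def referenced_object_matches(payload: bytes, candidate_commit_body: bytes) -> bool:
    """The only link from a verified tag to a commit: does the commit hash to the named id?"""
    return git_object_id("commit", candidate_commit_body) == referenced_object(payload)


def build_demo_chain() -> dict:
    """Construct blob -> tree -> commit -> tag and report what the tag signature covers."""
    # Constructed sample data; the identities and timestamp are placeholders.
    who = "Example Dev <dev@example.invalid> 1425660600 +0000"
    blob = git_object_id("blob", b"")  # empty README
    tree = git_object_id("tree", tree_entry("100644", "README", blob))
    commit_body = (
        f"tree {tree}\n"
        f"author {who}\n"
        f"committer {who}\n"
        "\n"
        "Initial import\n"
    ).encode()
    commit = git_object_id("commit", commit_body)
    tag_payload = (
        f"object {commit}\n"
        "type commit\n"
        "tag v1.0\n"
        f"tagger {who}\n"
        "\n"
        "Release v1.0\n"
    ).encode()
    # Placeholder signature block, not a real OpenPGP signature.
    placeholder_sig = (
        b"-----BEGIN PGP SIGNATURE-----\n"
        b"(constructed placeholder; a real tag carries an OpenPGP signature here)\n"
        b"-----END PGP SIGNATURE-----\n"
    )
    tag_body = tag_payload + placeholder_sig
    payload, signature = split_signed_tag(tag_body)
    return {
        "blob": blob,
        "tree": tree,
        "commit": commit,
        "commit_body": commit_body,
        "tag": git_object_id("tag", tag_body),
        "payload": payload,
        "signature": signature,
        # The signed bytes mention the commit hash but not the tree id or any file name.
        "payload_binds_commit_hash_only": (
            commit.encode() in payload
            and tree.encode() not in payload
            and b"README" not in payload
        ),
    }


if __name__ == "__main__":
    chain = build_demo_chain()
    print("signed payload:\n" + chain["payload"].decode())
    print("binds the tree only through the commit SHA-1:",
          chain["payload_binds_commit_hash_only"])
```

The `referenced_object_matches` step is where SHA-1 enters: after the signature over the payload verifies, git links the tag to the tree contents solely by recomputing object hashes down the chain, so the tag signature is no stronger than the hash that chain is built on.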
