On Wed Oct 07 11:31:42 +0100 2009 Christian Robottom Reis wrote:
> On Wed, Oct 07, 2009 at 11:11:14AM +0100, James Westby wrote:
> > That changes the security assurances that we have for packages, you
> > are now relying on SSH keys rather than GPG keys. Are they believed
> > to give us the same assurances?
>
> I don't know the answer to that, but I want to underline that changing
> the GPG requirement is a /possibility/ of allowing SSH uploads. We could
> also allow people to use SSH but still require GPG-signed packages and
> rock the boat slightly less during that change. Doing that may require
> comparing SSH and GPG keys to verify the owners match, but it's an easy
> step forward.

Indeed, and that is something that I would support, the reason you gave
below among others.

> > Is this change driven by concerns over the current process for binary
> > uploads from the buildds?
>
> Well, one driver of it is being able to provide synchronous
> authentication feedback to the uploader; today anonymous FTP means fire
> and forget and if we can't validate the GPG key, we can't send email
> back to the uploader (we don't know who he is!) and that leads to
> support issues of the sort "where's my upload". Other sorts of more
> synchronous feedback would be possible in this model.

Thanks,

James

