Stephen Hahn wrote: > * Darren Reed <Darren.Reed at Sun.COM> [2008-07-30 19:45]: > >> Stephen, >> >> I've updated the issues files with the questions from the meeting >> this morning and made a brief note of the answers that I could >> remember. >> >> There were two questions I had from the discussion that I didn't >> bring up at the time: >> >> djr-3 Can package authorities be discovered rather than configured? >> >> djr-5 If multiple catalogues/depots are available, how does IPS choose >> which one to use if they are publishing conflicting information? >> >> For djr-3, I'm thinking along the lines of using multicast discovery on >> your local LAN or corporate WAN/LAN or maybe clues via DHCP or >> even a special DHCP tag or ... >> > > Yes, we think multicast discovery is very interesting for discovering > local depots. We'd also like to have a means for one repository to > offer pointers to other interesting repositories, although this could > be as simple as a package with a bunch of authority definitions. > > We'll discuss djr-5 and get a proper response, but fully adversarial > repositories, presumably with legitimate cryptographic tokens, hasn't > been a focus. Our model has been trust signed metadata, distrust > contents. We could go further into what "trust" means, I suppose. >
Yes, a discussion of trust is relevant here. I also would prefer to see a model where nested signing or multiple signing is possible. Also, management of the trust anchor(s) is something I'd like to see more fully discussed. -- Garrett > - Stephen > >
