Hi Brock, I took a quick look at this,
On Sun, 2010-06-27 at 20:07 -0700, Brock Pytlik wrote:
> Webrev:
> http://cr.opensolaris.org/~bpytlik/ips-11611-v1/

You're adding src/util/distro-import/138/common/pkg5-dev - I guess this really should be the build number we're putting back into, rather than 138 necessarily, or is it that we're happy for nv_138 to be the minimum supported system to build the gate on?

Do we need to perform packaging M2crypto or is that already an open item elsewhere?

There are a few cases where there are blank lines just containing whitespace,

    grep '^+ *$' recommit.bug-11611-v1.patch

src/modules/actions/signature.py defines a new attribute "pkg.hashalg" - is this specific to signature actions, or could it be confused with the algorithms used to hash action/file content? (maybe 'pkg.sig_hashalg' instead?)

src/tests/api/t_repositoryconfig.py line 188 and 189 and 268.. look like they have some debug code commented out, either remove it or print it using <Pkg5TestCase object>.debug(..)

Is doc/signed_manifests.txt consistent with the changes in this webrev?

- that's about all I have for now, I haven't really played with the built version of the code yet I admit.

cheers,
tim

> This is the initial potential putback for manifest signing. I believe
> it's fully functional but it does lack several features that might be
> desired. For the initial putback, the default setting is ignore signatures.
>
> I plan on writing some additional tests while this is out for review as
> I anticipate it taking a while to converge given its size and span.
>
> Here is the list of features/bugs that are not currently part of this
> set of changes but that are things that need to be done. Please let me
> know if there's a reason this initial putback can't be done without one
> or more of the following being done.
>
> X509 features:
> 1) verify valid dates for certs
> 2) policy checks
> 3) add in support for alternative names
> 4) check that leaf cert's purpose is code signing/digital signature
> 5) support for OCSP
> 6) support delta CRLs
> 7) support for DER formatted certificates
>
> Items needed to make the default behavior to be verify signatures
> 1) zones coordination
> 2) ai coordination
> 3) support for pub-meta data update so that new ca certs appear to the
>    client when posted on the server
>
> Other items:
> 1) api testing
> 2) add a pub check to make sure we're not publishing with a cert with
>    unsupported critical extensions
> 3) support for uri's other than http for crls
> 4) allow obsolete and renamed packages to be signed
> 5) properly handle variant tagged signatures
> 6) support for signing inflight transactions
> 7) change default policy to be verify instead of ignore
> 8) have pkgsign sign the most recent version of a package if no
>    timestamp is provided
> 9) have pkgsign sign all the packages in a repo that are not already signed
> 10) support for password protected private key files
> 11) verify that intermediate certificates are certificates during
>     publication
> 12) verify that signing certificates are certificates during publication
>
> Thanks for taking a look,
> Brock
> _______________________________________________
> pkg-discuss mailing list
> [email protected]
> http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
