On Fri, Jan 20, 2017 at 6:15 PM, Marek Marczykowski-Górecki <[email protected]> wrote:
> But there is one precondition to even think about something like this: we'd
> need to build _all_ dom0 packages ourselves. Currently we use Fedora packages
> directly. And those packages are signed with gpg.

Indeed. And there's still the fact that the sources are likely ultimately verified with pgp...

OpenBSD is satisfied with a trust-on-first-use model (source archive hash is first measured and recorded by the port maintainer, and later verified to match when built officially on trusted infrastructure). This provides at least some checking across time and networks.

The cost of needing to build everything yourself was a non-issue for the *BSDs because they have significantly greater control over their respective ecosystems than in GNU/Linux land, and have already been providing binary packages of everything themselves for well over a decade.
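
The trust-on-first-use flow described in the reply above, as an added sketch that is not part of the original thread and is not OpenBSD's or Qubes' own tooling: the maintainer records a hash and size once, and the build step later refuses anything unpinned or different. The pin-file layout, file names and function names are assumptions made for illustration, and the archive is constructed sample data.

```python
import base64, hashlib, hmac, os, tempfile

def measure(path):
    """Return (base64 SHA-256, size) of a file, streamed in chunks."""
    h, size = hashlib.sha256(), 0
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
            size += len(chunk)
    return base64.b64encode(h.digest()).decode(), size

def record(path, pinfile):
    """First use (maintainer): measure the archive and append its pin."""
    b64, size = measure(path)
    name = os.path.basename(path)
    with open(pinfile, "a") as f:
        f.write(f"SHA256 ({name}) = {b64}\nSIZE ({name}) = {size}\n")

def load_pins(pinfile):
    """Parse 'ALGO (name) = value' lines into {name: {ALGO: value}}."""
    pins = {}
    if os.path.exists(pinfile):
        with open(pinfile) as f:
            for line in filter(None, map(str.strip, f)):
                left, value = line.split(" = ", 1)
                algo, name = left.split(" ", 1)
                pins.setdefault(name[1:-1], {})[algo] = value
    return pins

def verify(path, pinfile):
    """Later use (builder): fail closed on a missing or differing pin."""
    pin = load_pins(pinfile).get(os.path.basename(path), {})
    if "SHA256" not in pin or "SIZE" not in pin:
        return "unpinned"
    b64, size = measure(path)
    same = size == int(pin["SIZE"]) and hmac.compare_digest(b64, pin["SHA256"])
    return "ok" if same else "mismatch"

def demo():
    """Constructed archive: unpinned, then pinned, then altered in transit."""
    with tempfile.TemporaryDirectory() as d:
        src, pinfile = os.path.join(d, "example-1.0.tar.gz"), os.path.join(d, "distinfo")
        with open(src, "wb") as f:
            f.write(b"constructed archive bytes")
        results = [verify(src, pinfile)]      # nothing recorded yet
        record(src, pinfile)
        results.append(verify(src, pinfile))  # matches the recorded pin
        with open(src, "ab") as f:
            f.write(b"!")                     # simulated tampering
        results.append(verify(src, pinfile))
        return results

if __name__ == "__main__":
    print(demo())
```

The pin only shows that the archive is unchanged since it was first measured; it says nothing about whether that first copy was authentic, which is the limit of checking "across time and networks".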
