>the problem is (as you wrote) 'supposed to be verified out-of-band'. >for some less technical people, even verifying the signature is a huge >step. >i am a fan of providing easy accessible security and using already >existing infrastructure. (in case of the dom0 repo, an ultimately >trusted source). I'm weary of calling the dom0 repo an ultimately trusted source, as it implies trust in all the related infrastructure (DNS, CAs, etc.) Package managers follow a trusted objects model. Each package's signature is verified before installing, meaning trust of the repo is not required.
In either case however, a signing key must be distributed in such a fashion that it can be verified and, as such, Im not sure if this offers anything other than a wrapper around the signature verification step. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/E25AD111-9DFC-4072-A294-AEECDB5FDA0A%40kulinacs.com. For more options, visit https://groups.google.com/d/optout.