From: Chris Bainbridge <C.J.Bainbridge@ed.ac.uk>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] Key policy for GPG verification [was: 2004.2 Feature Requests]
Date: Sat, 1 May 2004 12:09:02 +0100 [thread overview]
Message-ID: <200405011209.02935.C.J.Bainbridge@ed.ac.uk> (raw)
In-Reply-To: <20040430222338.327af167@sven.genone.homeip.net>
On Friday 30 April 2004 21:23, Marius Mauch wrote:
> Ok, guess I should repeat that the most important thing for GPG signing
> (actually the missing part is verification) that's still missing is a
> key policy: where to store keys, how to check if they are trustworthy
> and so on. If we can agree on a simple and effective solution there it
> shouldn't be too difficult to implement this feature (talking about code
> here, not the tree). The last time we had a way too long thread with way
> too many details and discussions about problem scenarios, please let's
> try to avoid that.
> And to get everyone on track I'll start with a very simple proposal
> (idea stolen from Spanky IIRC), I won't say that it's really effective
> though:
> - keys are stored in a keyring and are installed by an ebuild
> - a key is trustworthy if it is in that keyring
> - expiration is handled by removing the key from that keyring
> - each modification to the keyring involves a version bump on the ebuild
> That's about the easiest for implementation and doesn't require anything
> new for our infrastructure or key-signing-sessions. It does not say who
> will manage that keyring though as that is not important for the
> implementation. I'm pretty sure that the idea has a number of flaws, but
> we have to start somewhere.
>
> Marius
Uh oh.. this again ;-)
The above proposal doesn't allow recovery from a compromise, since someone
could update the new keys ebuild to a new one containing only their key. The
master key / monthly signing multi-server keys proposal was better. See the
archives for details.
--
gentoo-dev@gentoo.org mailing list
next prev parent reply other threads:[~2004-05-01 11:09 UTC|newest]
Thread overview: 67+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-04-30 3:42 [gentoo-dev] 2004.2 Feature Requests John Davis
2004-04-30 6:03 ` Joshua Brindle
2004-04-30 7:25 ` Kurt Lieber
2004-04-30 16:37 ` Pieter Van den Abeele
2004-05-02 17:01 ` Donnie Berkholz
2004-05-02 19:34 ` Pieter Van den Abeele
2004-05-02 19:50 ` Nathaniel McCallum
2004-05-02 20:02 ` Paul de Vrieze
2004-04-30 13:39 ` Eric Sammer
2004-05-04 5:23 ` Jason Huebel
2004-05-04 9:04 ` Bjoern Michaelsen
2004-05-04 12:31 ` Troy Dack
2004-05-04 12:35 ` Allen D Parker
2004-05-04 14:31 ` Jason Huebel
2004-05-04 17:00 ` david
2004-05-04 17:21 ` Georgi Georgiev
2004-05-04 22:28 ` Josh Grebe
2004-05-04 22:44 ` Georgi Georgiev
2004-05-08 4:00 ` John Davis
2004-04-30 6:16 ` Kumba
2004-04-30 7:22 ` Joshua Brindle
2004-04-30 7:43 ` Kumba
2004-04-30 7:56 ` Sven Vermeulen
2004-04-30 7:25 ` Sven Vermeulen
2004-04-30 7:48 ` Kumba
2004-04-30 16:44 ` Pieter Van den Abeele
2004-04-30 16:33 ` Pieter Van den Abeele
2004-04-30 7:05 ` Stuart Herbert
2004-04-30 16:18 ` [gentoo-dev] " Johannes Segitz
2004-04-30 17:37 ` [gentoo-dev] " Marius Mauch
2004-04-30 18:15 ` Lars Strojny
2004-05-01 12:23 ` Sven Vermeulen
2004-04-30 22:51 ` N. Owen Gunden
2004-04-30 23:07 ` Jon Portnoy
2004-04-30 23:21 ` N. Owen Gunden
2004-04-30 23:29 ` Jon Portnoy
2004-04-30 23:47 ` Stuart Herbert
2004-05-01 2:16 ` Dan Podeanu
2004-05-01 19:10 ` Chris Gianelloni
2004-05-01 22:21 ` Greg KH
2004-05-01 17:46 ` [gentoo-dev] " Jerry McBride
2004-04-30 17:54 ` [gentoo-dev] " Lisa Seelye
2004-04-30 19:01 ` John Davis
2004-04-30 20:23 ` [gentoo-dev] Key policy for GPG verification [was: 2004.2 Feature Requests] Marius Mauch
2004-05-01 11:09 ` Chris Bainbridge [this message]
2004-04-30 23:50 ` [gentoo-dev] 2004.2 Feature Requests Spider
2004-05-01 11:50 ` Heinrich Wendel
2004-05-01 17:46 ` [gentoo-dev] " Jerry McBride
2004-05-02 3:40 ` Jon Portnoy
2004-05-02 10:04 ` Jason Stubbs
2004-05-02 17:00 ` Jason Wever
2004-05-02 3:48 ` Grant Goodyear
2004-05-02 9:55 ` Paul de Vrieze
2004-05-03 4:48 ` John Nilsson
2004-05-03 6:39 ` Brian Friday
2004-05-03 7:56 ` Paul de Vrieze
2004-05-11 7:51 ` [gentoo-dev] still missing local use flags Michael Sterrett -Mr. Bones.-
2004-05-01 23:41 ` [gentoo-dev] 2004.2 Feature Requests Jason Stubbs
2004-05-03 11:05 ` Josh Glover
2004-05-03 11:10 ` Peter Ruskin
2004-05-06 12:34 ` [gentoo-dev] " Duncan
2004-05-07 3:33 ` [gentoo-dev] " Olivier Fisette
2004-05-07 19:42 ` Stuart Herbert
2004-05-07 4:26 ` Nick Rout
2004-05-07 6:57 ` Christian Parpart
2004-05-07 15:26 ` Donnie Berkholz
2004-05-07 15:15 ` Chris Bainbridge
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200405011209.02935.C.J.Bainbridge@ed.ac.uk \
--to=c.j.bainbridge@ed.ac.uk \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox