From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1FhMic-0002Ni-2D for garchives@archives.gentoo.org; Sat, 20 May 2006 08:21:50 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.6/8.13.6) with SMTP id k4K8KKQ5013049; Sat, 20 May 2006 08:20:20 GMT Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by robin.gentoo.org (8.13.6/8.13.6) with ESMTP id k4K8ErgE016792 for ; Sat, 20 May 2006 08:14:53 GMT Received: from localhost (localhost [127.0.0.1]) by smtp.gentoo.org (Postfix) with ESMTP id 1B3AC642A3 for ; Sat, 20 May 2006 08:14:53 +0000 (UTC) Received: from smtp.gentoo.org ([127.0.0.1]) by localhost (smtp.gentoo.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 07812-05 for ; Sat, 20 May 2006 08:14:46 +0000 (UTC) Received: from [62.147.153.16] (lns-bzn-48f-62-147-153-16.adsl.proxad.net [62.147.153.16]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTP id 8FC496438A for ; Sat, 20 May 2006 08:14:45 +0000 (UTC) Message-ID: <446ECF96.9090607@gentoo.org> Date: Sat, 20 May 2006 10:13:10 +0200 From: Thierry Carrez Organization: Gentoo Linux User-Agent: Thunderbird 1.5.0.2 (X11/20060506) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] Signing everything, for fun and for profit References: <1147988717.32416.51.camel@localhost> In-Reply-To: <1147988717.32416.51.camel@localhost> X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Scanned: amavisd-new at gentoo.org X-Spam-Status: No, score=-1.302 required=5.5 tests=[AWL=-0.649, BAYES_00=-2.599, RCVD_IN_NJABL_DUL=1.946] X-Spam-Score: -1.302 X-Spam-Level: X-Archives-Salt: 844d4851-42a7-4dad-9163-c9c96acf618e X-Archives-Hash: fbc42d08bde9a56eeed6fb80c3aa3cdd Patrick Lauer wrote: > Signing strategies > ================== > > Once there is an agreement on what files to sign with what kind of keys > there remains the question how to sign it. There are at least three > strategies: > [...] I prefer a semi-secure solution appearing soon rather than waiting another three+ years for a potentially better solution. Currently users only have two choices : - masterkey-signed portage snapshots - unsigned (and so, insecure) rsync mirrors This is obviously not satisfying. It has taken years to try to get per-developer signing implemented, without success. We should try to do masterkey signing ("simple" method) and see if we go somewhere. It's is so much better than nothing. So I would rather work on ensuring everything in portage gets properly signed rather than designing key policies, cross-signing strategies and ways to force developers to sign properly. Given the current state of Gentoo it is a much more reachable goal. -- Thierry Carrez (Koon) Gentoo Security Team and Gentoo Council Member -- gentoo-dev@gentoo.org mailing list