From: Mike Frysinger
Sender: vapierfilter@gmail.com
Date: Fri, 25 Mar 2011 15:28:44 -0400
Subject: Re: [gentoo-dev] Re: rejecting unsigned commits
To: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
List-Id: Gentoo Linux mail <gentoo-dev@lists.gentoo.org>
In-Reply-To: <4D8CE590.8060905@gentoo.org>
References: <20110325074824.TAf2c206.tv@veller.net>
 <201103250953.19757.dilfridge@gentoo.org>
 <4D8CE590.8060905@gentoo.org>

On Fri, Mar 25, 2011 at 2:57 PM, Dane Smith wrote:
> On 03/25/2011 02:46 PM, Mike Frysinger wrote:
>> On Fri, Mar 25, 2011 at 4:53 AM, Andreas K. Huettel wrote:
>>> Of course now we can add additional requirements:
>>>
>>> * The key must have a userid that refers to an official Gentoo e-mail
>>> address. E.g. dilfridge@gentoo.org
>>
>> no.  there's no reason for this requirement, and it prevents proxy
>> maintenance long term.  e-mail addresses do not verify identity,
>> verifying identity verifies identity.  this is the point of the web of
>> trust.
>
> We are somewhat limited in the amount that we can verify "identity."
> Sure you can get a decent web of trust from signing the keys of people
> you've met at conferences, however, there will be people outside of that
> web.

creating one "tree key" which signs all developer keys listed in LDAP is
trivial to do

> What we need to verify is rather that the person who made the
> commit is someone who is authorized to make the commit and that it was
> in no way tampered with.

you're validating only that the machine with access to the private keys
pushed up the commit.  hopefully the only person with said machine is the
one we recruited.
-mike
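The policy the thread is circling, as an added illustration that is not part of the message above and not Gentoo infrastructure code: a receiving hook accepts a commit only when GnuPG reports a good signature and the signing key's primary fingerprint is on the list exported from the developer directory (LDAP in the thread). The user ID is logged but never used as a criterion, so a proxied maintainer with a non-@gentoo.org address passes and a stranger with a @gentoo.org user ID does not. Assumptions: the hook runs `git verify-commit --raw <sha>` and feeds the resulting GnuPG status-fd lines to `evaluate()`; the fingerprints, status captures and names below are constructed placeholders.

```python
"""Signed-commit acceptance policy (added example, not the list's or Gentoo's code).

Assumes the hook runs `git verify-commit --raw <sha>` and passes the
GnuPG status-fd lines it prints to evaluate(), plus a set of primary-key
fingerprints exported beforehand from the developer directory.
"""
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional, Set, Tuple

# Constructed placeholder fingerprints; these are not real developer keys.
AUTHORIZED_FINGERPRINTS: Set[str] = {
    "0123456789ABCDEF0123456789ABCDEF01234567",  # hypothetical developer A
    "89ABCDEF0123456789ABCDEF0123456789ABCDEF",  # hypothetical proxied maintainer
}

# Status keywords after which the signature must not be relied on.
FATAL_KEYWORDS = {"BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG", "REVKEYSIG", "NO_PUBKEY"}

STATUS_RE = re.compile(r"^\[GNUPG:\] (\S+)(?: (.*))?$")


@dataclass
class Verdict:
    accepted: bool
    reason: str
    primary_fingerprint: Optional[str] = None
    uid: Optional[str] = None


def parse_status(lines: Iterable[str]) -> List[Tuple[str, str]]:
    """Turn GnuPG status-fd lines into (KEYWORD, arguments) pairs; skip other output."""
    parsed = []
    for line in lines:
        m = STATUS_RE.match(line.rstrip("\n"))
        if m:
            parsed.append((m.group(1), m.group(2) or ""))
    return parsed


def evaluate(status_lines: Iterable[str], authorized: Set[str]) -> Verdict:
    """Accept only a good, valid signature whose primary key is authorized.

    Acceptance proves exactly what the thread says it proves: a machine holding
    an authorized private key signed this commit.  Nothing about the e-mail
    address in the user ID is checked.
    """
    good = False
    uid = None
    primary_fpr = None
    for keyword, args in parse_status(status_lines):
        if keyword in FATAL_KEYWORDS:
            return Verdict(False, f"signature rejected by GnuPG ({keyword})")
        if keyword == "GOODSIG":
            good = True
            # GOODSIG <long key id> <user id>
            uid = args.split(" ", 1)[1] if " " in args else ""
        elif keyword == "VALIDSIG":
            # VALIDSIG <fpr> <date> <timestamp> <expire> <version> <reserved>
            #          <pubkey-algo> <hash-algo> <sig-class> <primary-fpr>
            # A commit signed with a subkey reports the subkey first, so the
            # allowlist is matched against the last field, the primary key.
            fields = args.split()
            primary_fpr = fields[-1].upper() if fields else None
    if not good or primary_fpr is None:
        # `git verify-commit --raw` prints no status lines for an unsigned commit.
        return Verdict(False, "commit is unsigned or its signature could not be verified")
    if primary_fpr not in authorized:
        return Verdict(False, "signing key is not in the developer directory", primary_fpr, uid)
    return Verdict(True, "good signature from an authorized key", primary_fpr, uid)


# Constructed status-fd captures modelled on GnuPG's documented line format.
SIGNED_BY_PROXIED_MAINTAINER = [
    "[GNUPG:] NEWSIG",
    "[GNUPG:] GOODSIG 1111111111111111 Proxied Maintainer <someone@example.org>",
    "[GNUPG:] VALIDSIG 1111111111111111111111111111111111111111 2011-03-25 1301081344 0 4 0 1 8 00 "
    "89ABCDEF0123456789ABCDEF0123456789ABCDEF",
    "[GNUPG:] TRUST_UNDEFINED 0 pgp",
]
SIGNED_BY_UNLISTED_GENTOO_UID = [
    "[GNUPG:] NEWSIG",
    "[GNUPG:] GOODSIG FEDCBA9876543210 Not A Developer <stranger@gentoo.org>",
    "[GNUPG:] VALIDSIG FEDCBA9876543210FEDCBA9876543210FEDCBA98 2011-03-25 1301081344 0 4 0 1 8 00 "
    "FEDCBA9876543210FEDCBA9876543210FEDCBA98",
]
TAMPERED_COMMIT = [
    "[GNUPG:] NEWSIG",
    "[GNUPG:] BADSIG 1111111111111111 Proxied Maintainer <someone@example.org>",
]
UNSIGNED_COMMIT: List[str] = []

if __name__ == "__main__":
    for name, capture in [("proxied maintainer", SIGNED_BY_PROXIED_MAINTAINER),
                          ("unlisted @gentoo.org uid", SIGNED_BY_UNLISTED_GENTOO_UID),
                          ("tampered commit", TAMPERED_COMMIT),
                          ("unsigned commit", UNSIGNED_COMMIT)]:
        v = evaluate(capture, AUTHORIZED_FINGERPRINTS)
        print(f"{name:26} accepted={v.accepted!s:5} {v.reason} {v.uid or ''}")
```

Matching on the primary fingerprint rather than the user ID is what lets proxy maintenance keep working: the directory export, or a tree key that certifies exactly those keys, is the authorization record, and the user ID is only an audit label.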