From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: 
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 513DB1382C5
	for ; Thu, 25 Jan 2018 21:37:31 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 6D73FE08EE;
	Thu, 25 Jan 2018 21:37:24 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 1DB21E08D4
	for ; Thu, 25 Jan 2018 21:37:24 +0000 (UTC)
Received: from grubbs.orbis-terrarum.net (localhost [127.0.0.1])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA (128/128 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 5E924335C33
	for ; Thu, 25 Jan 2018 21:37:23 +0000 (UTC)
Received: (qmail 18669 invoked by uid 10000); 25 Jan 2018 21:37:21 -0000
Date: Thu, 25 Jan 2018 21:37:21 +0000
From: "Robin H. Johnson" 
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] [News item review] Portage rsync tree verification (v2)
Message-ID: 
References: <1516874667.1833.4.camel@gentoo.org>
	<1516883717.1833.10.camel@gentoo.org>
Precedence: bulk
List-Post: 
List-Help: 
List-Unsubscribe: 
List-Subscribe: 
List-Id: Gentoo Linux mail 
X-BeenThere: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <1516883717.1833.10.camel@gentoo.org>
User-Agent: Mutt/1.8.2 (2017-04-18)
X-Archives-Salt: f5ba571a-a06f-40f0-91a3-21d12d6c216a
X-Archives-Hash: 3259a004fcf56f9e8febc8ed1ab71407

On Thu, Jan 25, 2018 at 01:35:17PM +0100, Michał Górny wrote:
> Title: Portage rsync tree verification
> Author: Michał Górny
> Posted: 2018-01-xx
> Revision: 1
> News-Item-Format: 2.0
> Display-If-Installed: 
>
> Starting with sys-apps/portage-2.3.22, Portage enables cryptographic
> verification of the Gentoo rsync repository distributed over rsync
> by default.
Seems very wordy, suggested cleanup:
|| Starting with sys-apps/portage-2.3.22, Portage will verify the Gentoo
|| repository after rsync by default.

> This aims to prevent malicious third parties from altering
> the contents of the ebuild repository received by our users.
>
> This does not affect users syncing using git and other methods.
> Appropriate verification mechanisms for them will be provided
> in the future.
Note that emerge-webrsync has verification via FEATURES=webrsync-gpg?
Rewrite:
|| The new verification is intended for users who sync via rsync.
|| Users who sync by emerge-webrsync should see [linkref].
|| Verification mechanisms for other methods of sync will be provided in
|| future.

> On Gentoo installations created using installation media that included
> portage-2.3.22, the keys will already be covered by the installation
> media signatures. On existing installations, you need to manually
> compare the primary key fingerprint (reported by gemato on every sync)
> against the official Gentoo keys [1]. An example gemato output is:
>
> INFO:root:Valid OpenPGP signature found:
> INFO:root:- primary key: 1234567890ABCDEF1234567890ABCDEF12345678
> INFO:root:- subkey: FEDCBA0987654321FEDCBA0987654321FEDCBA09
Either we should use a real key here, or specifically note this is a fake
key output on purpose.

-- 
Robin Hugh Johnson
Gentoo Linux: Dev, Infra Lead, Foundation Treasurer
E-Mail   : robbat2@gentoo.org
GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85
GnuPG FP : 7D0B3CEB E9B85B1F 825BCECF EE05E6F6 A48F6136
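The manual fingerprint comparison the quoted draft describes, as an added example (my code, not gemato's or Portage's): it parses the gemato lines quoted above, normalizes the spaced fingerprint format used on key pages and in signatures, and checks the primary key (not the subkey) against a trusted set. The function names and the `TRUSTED_PRIMARY_FINGERPRINTS` set are mine; that set holds the draft's fake fingerprint only as a placeholder and must be replaced with the fingerprint from the official Gentoo keys page.

```python
import re

# Placeholder trusted set: this is the FAKE fingerprint from the quoted
# draft, not a real Gentoo key. Replace it with the primary key fingerprint
# published on the official Gentoo keys page ([1] in the news item).
TRUSTED_PRIMARY_FINGERPRINTS = {
    "1234 5678 90AB CDEF 1234 5678 90AB CDEF 1234 5678",
}

# Constructed sample: the three gemato lines quoted in the draft.
SAMPLE_GEMATO_OUTPUT = """\
INFO:root:Valid OpenPGP signature found:
INFO:root:- primary key: 1234567890ABCDEF1234567890ABCDEF12345678
INFO:root:- subkey: FEDCBA0987654321FEDCBA0987654321FEDCBA09
"""

_PRIMARY_RE = re.compile(r"^INFO:root:- primary key:\s*([0-9A-Fa-f ]+?)\s*$", re.M)


def normalize_fingerprint(fp: str) -> str:
    """Drop the grouping spaces used on key pages and in signatures, then
    upper-case, so '1234 5678 ...' and '12345678...' compare equal.
    Rejects anything that is not a 40-hex-digit OpenPGP v4 fingerprint."""
    compact = re.sub(r"\s+", "", fp).upper()
    if not re.fullmatch(r"[0-9A-F]{40}", compact):
        raise ValueError(f"not an OpenPGP v4 fingerprint: {fp!r}")
    return compact


def parse_primary_key(gemato_output: str):
    """Return the normalized primary key fingerprint gemato reported, or
    None when no 'primary key' line is present (no valid signature)."""
    m = _PRIMARY_RE.search(gemato_output)
    return normalize_fingerprint(m.group(1)) if m else None


def check_primary_key(gemato_output: str, trusted) -> tuple:
    """Compare the reported PRIMARY key (the draft says to compare that one,
    not the subkey) against the trusted set. Returns (ok, reported_fp);
    a missing primary key line is a failure, never a silent pass."""
    reported = parse_primary_key(gemato_output)
    if reported is None:
        return False, None
    trusted_norm = {normalize_fingerprint(t) for t in trusted}
    return reported in trusted_norm, reported


if __name__ == "__main__":
    ok, fp = check_primary_key(SAMPLE_GEMATO_OUTPUT, TRUSTED_PRIMARY_FINGERPRINTS)
    print("primary key", fp, "TRUSTED" if ok else "NOT TRUSTED - do not use this tree")
```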