From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1KHagp-0002Wg-RX for garchives@archives.gentoo.org; Sat, 12 Jul 2008 08:42:48 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id DA949E0375; Sat, 12 Jul 2008 08:42:46 +0000 (UTC) Received: from mail.isohunt.com (b01.ext.isohunt.com [208.71.112.51]) by pigeon.gentoo.org (Postfix) with ESMTP id CD47AE0375 for ; Sat, 12 Jul 2008 08:42:46 +0000 (UTC) Received: (qmail 3156 invoked from network); 12 Jul 2008 08:42:46 -0000 Received: from S010600022af11287.vc.shawcable.net (HELO curie.orbis-terrarum.net) (24.84.179.214) (smtp-auth username robbat2@isohunt.com, mechanism login) by mail.isohunt.com (qpsmtpd/0.33-dev on beta01) with (AES256-SHA encrypted) ESMTPSA; Sat, 12 Jul 2008 08:42:46 +0000 Received: (qmail 3769 invoked by uid 10000); 12 Jul 2008 01:42:58 -0700 Date: Sat, 12 Jul 2008 01:42:58 -0700 From: "Robin H. Johnson" To: gentoo-portage-dev@lists.gentoo.org Subject: [gentoo-portage-dev] proto-GLEPS for Tree-signing, take 2 Message-ID: <20080712084258.GC31199@curie-int.orbis-terrarum.net> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-portage-dev@lists.gentoo.org Reply-to: gentoo-portage-dev@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="c7hkjup166d4FzgN" Content-Disposition: inline User-Agent: Mutt/1.5.16 (2007-06-09) X-Archives-Salt: bbbfa1c1-5280-49bc-8deb-ebfd7961e6ef X-Archives-Hash: 8d867c110b99e3562736907fa0864877 --c7hkjup166d4FzgN Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable So I'm not going to directly attach the GLEPs again this time, however I am just going to link to them, and summarize the changes: xx+1: - Add mention of how to defeat the mirror replay attacks from Stork@UArizon= a. - Clarify wording of the UNCOVERED=3DALL-COVERED set math, and why it's important (genone) - Add a timestamp to the metamanifest. - Mention that it can be implemented without the new Manifest2 filetypes. xx+5: - Update the exclusion lists. - Exclusion list behavior during strict validation. - Fix typos. prototype/generate-metamanifest.py: - Prototype of the MetaManifest generation. - Doesn't sign yet, but does include the timestamp. - Uses existing Manifest2 types. - See header for existing runtime info - it's quite fast. http://sources.gentoo.org/viewcvs.py/gentoo/users/robbat2/tree-signing-glep= s/ I'd like to ask for any comments to be in to me by July 14th 23:59UTC. After that I'd like to post the GLEPs to the gentoo-dev mailing list. --=20 Robin Hugh Johnson Gentoo Linux Developer & Infra Guy E-Mail : robbat2@gentoo.org GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 --c7hkjup166d4FzgN Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) Comment: Robbat2 @ Orbis-Terrarum Networks - The text below is a digital signature. If it doesn't make any sense to you, ignore it. iEYEARECAAYFAkh4bpIACgkQPpIsIjIzwiy6LgCfT9tUnN9NfcZiQ4fwpxXv3Eii rBcAoO5hTYrmG00X4cLWHBDqT/7GCxUI =nLXZ -----END PGP SIGNATURE----- --c7hkjup166d4FzgN-- -- gentoo-portage-dev@lists.gentoo.org mailing list