From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: <gentoo-security-return-1610-arch-gentoo-security=gentoo.org@lists.gentoo.org> Received: (qmail 17628 invoked from network); 10 Nov 2004 05:00:02 +0000 Received: from smtp.gentoo.org (156.56.111.197) by lists.gentoo.org with AES256-SHA encrypted SMTP; 10 Nov 2004 05:00:02 +0000 Received: from lists.gentoo.org ([156.56.111.196] helo=parrot.gentoo.org) by smtp.gentoo.org with esmtp (Exim 4.41) id 1CRkaP-0000LZ-M5 for arch-gentoo-security@lists.gentoo.org; Wed, 10 Nov 2004 05:00:01 +0000 Received: (qmail 3295 invoked by uid 89); 10 Nov 2004 04:59:40 +0000 Mailing-List: contact gentoo-security-help@gentoo.org; run by ezmlm Precedence: bulk List-Post: <mailto:gentoo-security@gentoo.org> List-Help: <mailto:gentoo-security-help@gentoo.org> List-Unsubscribe: <mailto:gentoo-security-unsubscribe@gentoo.org> List-Subscribe: <mailto:gentoo-security-subscribe@gentoo.org> List-Id: Gentoo Linux mail <gentoo-security.gentoo.org> X-BeenThere: gentoo-security@gentoo.org Received: (qmail 32398 invoked from network); 10 Nov 2004 04:59:40 +0000 From: Jason Stubbs <jstubbs@work-at.co.jp> Organization: Work@ Inc To: gentoo-security@lists.gentoo.org Date: Wed, 10 Nov 2004 14:00:39 +0900 User-Agent: KMail/1.7.1 References: <20041110020620.F1ADE2B3DB@smtp.istop.com> <20041109233509.A19723@netdirect.ca> In-Reply-To: <20041109233509.A19723@netdirect.ca> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-2022-jp" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200411101400.39645.jstubbs@work-at.co.jp> Subject: Re: [gentoo-security] Re: Out of air X-Archives-Salt: ae3fb7d9-ec68-47a3-9020-b049e2493cd4 X-Archives-Hash: bb707ed3bc0b854b8fa011f633adbf31 On Wednesday 10 November 2004 13:35, Chris Frey wrote: > On Tue, Nov 09, 2004 at 09:05:41PM -0500, Denis Roy wrote: > > > not prompted the beginning of a new initiative in signing the tree > > > > because that was already underway. I very much doubt that it'll speed > > up the progress made on that initiative, because the main limiting > > factor is time. No matter what is said here, it's not going to make > > anybody go out and quit their jobs in order to get tree signing > > implemented quicker. > > The problem with phrasing it this way is that it implies there is only > one way to address this issue. It may be true that Gentoo has decided > on only one way to address the issue, but there are other ways to do it. A large part of the 1.5 years was spent discussing the best solution - threads not unsimilar to this one. Even to the end, there were still people bringing up the point that signing doesn't protect against wayward developers. Even so, after reveiwing all the points a decision was reached because most agreed that something needed to be done. > The current development effort that is underway is not one that can be > implemented overnight, but there is a solution that manages to satisfy > the core needs of this thread that can be implemented overnight. I would advise everybody to read through aforementioned discussions in the archives of gentoo-dev@gentoo.org before persuing this. Something that appears so simple as this on the surface still has a number of sharp edges. The infrastructure team would have to do some careful planning and possibly restructing of job control on the master rsync and cvs servers. The portage team would need to implement support for verifying the signature is valid. Whoever else would have to plan and implement distribution of this all-powerful key. But it doesn't stop there. Following this would be plan of action for the case that the all-powerful key is compromised. Then there is also the up to six month transition period between this solution and the solution that is currently being implemented. That also requires careful planning and implementation. So.. adding this simple solution now actually more than doubles the amount of work that needs to be done down the track. Regards, Jason Stubbs -- gentoo-security@gentoo.org mailing list