On Mon, 2008-07-28 at 17:28 -0400, Mike McLean wrote: > On Mon, Jul 28, 2008 at 1:07 PM, Matt Domsch <Matt_Domsch@xxxxxxxx> wrote: > > 1. repomd.xml needs to be signed. Either attached or detached sig > > (advice sought). If attached, format would be > > I see a number of good ideas to improve the situation, but I don't > think I've seen anyone suggest the following. > > Would it be feasible to audit the mirror content? We have the list of > mirrors, we know what the content should be. I think we'd only need to > validate the mirrored repomd.xml, right? Doesn't seem to onerous... > > yes, yes, not perfect, malicious mirror could change the content, etc, > but at least we'd have some measure of detection. which is the point. A malicious mirror could safely lie to us and not lie to their targets. Additionally, mirrormanager DOES check the mirrors. -sv _______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list