Re: Proposal: Fedora Workstation ships with enabled trusted flatpak runtime remotes




> > Is it possible to use cryptography here to make this a bit more safe
> > and easier to use? Instead of just matching "org.gnome.Platform" name,
> > apps could maybe also require that "org.gnome.Platform" is signed with
> > a certain key? And then we could do automatic install if we can find a
> > runtime with matching signature? Also, maybe different
> > "org.gnome.Platform" runtimes signed with different keys should be
> > parallel installable?
> 
> We could pre-install a configuration for an individual runtime like
> org.gnome.Platform, which includes a GPG key, and then that could be
> used automatically. This essentially happens now I think. At least
> there was a discussion about including preconfigured remotes for
> fedora.
> 
> However, assuming this is a runtime we know nothing about, and some app
> A depends on it. What prohibits app B from saying it depends on that runtime
> name, but supplying a different url for it *and* a different GPG key?

I think the idea wasn't that Fedora carries a list of known runtimes and their keys, but the app manifest itself specifies the required runtime and its key (this would be mandatory). So it's a) distributed and b) the runtime can't be subverted for any app. But it would also mean that runtimes of the same name would have to be parallel installable (otherwise someone decides to rebuild and host the gnome platform on their own, but not change the name, and then we have a collision and a problem).
_______________________________________________
desktop mailing list -- desktop@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to desktop-leave@xxxxxxxxxxxxxxxxxxxxxxx
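
The collision discussed in this message, as an added example that is not part of the original thread or of Flatpak's code: a runtime store keyed by name alone next to one keyed by (name, key fingerprint). The manifest fields `runtime_key` and `runtime_url`, the sample apps and URLs, and the use of a SHA-256 hash as a stand-in for a GPG fingerprint are all assumptions made for illustration.

```python
import hashlib

def fingerprint(pubkey: bytes) -> str:
    # Stand-in for a GPG fingerprint (assumption): hash of the public key bytes.
    return hashlib.sha256(pubkey).hexdigest()[:16]

def install_runtime(store: dict, manifest: dict, keyed: bool) -> dict:
    """Install the runtime a manifest names if its slot is free; return what the app gets."""
    fp = fingerprint(manifest["runtime_key"])
    # Name-only identity: one slot per name. Keyed identity: one slot per (name, key).
    slot = (manifest["runtime"], fp) if keyed else (manifest["runtime"],)
    store.setdefault(slot, {"url": manifest["runtime_url"], "key": fp})
    return store[slot]

def key_matches(manifest: dict, runtime: dict) -> bool:
    """True if the runtime the app received is signed by the key its manifest pins."""
    return runtime["key"] == fingerprint(manifest["runtime_key"])

# Constructed sample manifests: same runtime name, different key and URL.
APP_A = {"app": "org.example.A", "runtime": "org.gnome.Platform",
         "runtime_key": b"constructed-upstream-key",
         "runtime_url": "https://runtimes.example.org/"}
APP_B = {"app": "org.example.B", "runtime": "org.gnome.Platform",
         "runtime_key": b"constructed-rebuild-key",
         "runtime_url": "https://rebuild.example.net/"}

def demo(keyed: bool):
    """Install B's runtime, then A's, and report whether each app got its pinned key."""
    store = {}
    got_b = install_runtime(store, APP_B, keyed)  # B happens to be installed first
    got_a = install_runtime(store, APP_A, keyed)
    return store, key_matches(APP_A, got_a), key_matches(APP_B, got_b)

if __name__ == "__main__":
    for keyed in (False, True):
        store, a_ok, b_ok = demo(keyed)
        print(f"keyed={keyed}: slots={len(store)} A_ok={a_ok} B_ok={b_ok}")
```

With name-only identity the second app silently receives the runtime the first app brought along; with the key in the identity both builds are installed side by side and each app gets the one its manifest pins.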



