Re: Why are updates processed so slowly?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2009-02-06 at 14:43 +0100, Christoph Höger wrote:
> ONe question arrises when thinking about it:
> 
> What does that single person really sign for? I mean: When I upload an
> update to a package I maintain, does the signing by that "super secret"
> key have any other meaning than: "Yes it came from choeger who has a valid FAS account"?
> 
> Really, why do we need that key to have a password? 
> Shouldn't it be suffice to have all FAS keys signed properly and use them to sign packages when they're handed in?
> 
> Maybe Jesse himself could clarify that a bit.

The signing shows that the package came from the Fedora Buildsystem, and
is destined for the proper repo.  The end user only has to trust one,
maybe two keys to allow the installation of anything from the base,
updates, and maybe updates-testing repo.

rpm does not understand the web of trust, so there is no way to trust
one key, and implicitly trust any other keys that one key has signed.
And since rpm will happily install anything with a trusted key,
regardless of what repo it came from, keeping the key secret and private
is critical for our end user's security.

I'm currently training Josh Boyer from the releng team on how to do
package signing and updates pushing.

-- 
Jesse Keating
Fedora -- Freedom² is a feature!
identi.ca: http://identi.ca/jkeating

Attachment: signature.asc
Description: This is a digitally signed message part

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux