On Thu, 2004-10-28 at 15:01 -0400, Jeff Spaleta wrote: > > You want to be able to have faith that mirrors are trustable? Is that > the extent of the goal? > Having signed metadata will serve much better as a verification that a > mirror is serving up mirrored packages correctly, without implying ANY > extra trustability to individual packages. > The metadata has md5sums for each package, to verify the integrity of > each package in the mirror. And signed metadata itself lets you verify > the mirror is servering up what the master repository expects, without > implying any trust to individual packages. Check the metadata > signature, then check the md5sums of each package against the metadata > at that mirror....that works, without changing the meaning of what > signing a package means. > "Servering"? <grin> That sounds like a *great* idea, and one that does in fact respond well to the question of making sure that the mirror is serving the exact package which came out of the buildsystem. It is also an idea which will provide more and more value over time as Fedora's developer community grows larger and more open. Now, how does that idea get implemented? Cheers, -- Rodolfo J. Paiz <rpaiz@xxxxxxxxxxxxxx>
Attachment:
signature.asc
Description: This is a digitally signed message part