[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Time to resurrect multi-key signatures in RPM?

From: Tom Lane <tgl redhat com>
To: Development discussions related to Fedora <fedora-devel-list redhat com>
Subject: Re: Time to resurrect multi-key signatures in RPM?
Date: Mon, 25 Aug 2008 23:11:46 -0400

Bojan Smojver <bojan rexursive com> writes:
> For instance, an attacker being in the position of injecting a bad
> package and signing it with Fedora key would still get nowhere, as he'd
> need to convince other signatories to sign those packages before them
> being any threat to Fedora users. Before signing, signatories could
> require that original contributor that built the package for a
> particular tag sends a signed e-mail (containing that tag and package
> checksums - valid only once) to the signatories, therefore requiring yet
> another compromised private key in order to perform an attack.

Yup, packagers are going to do that, sure...

Most of us are overworked already.  We aren't going to jump through any
hoops for third-party signatories.

			regards, tom lane

Follow-Ups:
- Re: Time to resurrect multi-key signatures in RPM?
  - From: Bojan Smojver

References:
- Time to resurrect multi-key signatures in RPM?
  - From: Bojan Smojver

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]