[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: YUM security issues...

On Mon, 2008-07-28 at 14:25 -0400, Jesse Keating wrote:
> On Mon, 2008-07-28 at 12:07 -0500, Matt Domsch wrote:
> > 1. repomd.xml needs to be signed. Either attached or detached sig
> >    (advice sought).  If attached, format would be
> I would prefer a detached sig, so that the checksum of repomd.xml itself
> doesn't change if the GPG sig for it does.  This is important as there
> are control files in the compose to track consistency of the tree
> itself, and having the repomd.xml change it's key would invalidate this
> control file.

detached sig definitely. Independent of how (or why) this is done we
will maintain backward compat. Signing the repomd.xml directly will not
allow backward compat (nor cross compat with apt/smart/etc).

I've already written the code for the detached sig - it'll be checked
into yum upstream this afternoon.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]