Re: crypto signatures for arch/another proposal [was: Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch]

[Robert Collins]

On Mon, 2003-12-08 at 08:06, Karel Gardas wrote:
> On Sun, 7 Dec 2003, Karel Gardas wrote:
> 
> > Well, I will probably finally write my own proposal, just to not only
> > criticize your own. :-)
> 
> Hello,
> 
> as promissed:

You basically replicate Tom's proposal, with a few key changes:
1) metadata per archive registration, not per archive.
2) the use of x509
3) keeping tla out of the TCB.
4) minor logic about whether to dumb-copy signatures or to optionally
resign.

Now, on 2 and 3 I agree completely - as my feedback to Tom on 3 should
show.
4) I think Tom has it right here, once the magic-detection is removed -
and Tom has indicated a command line flag is ok.
1) I think that the archive should indicate signatures are required, and
the key to use should be local metadata - again, already in my feedback.

I'd like you to look at my feedback, and see if you have further
critiques - as Tom's design is something that we can hack on, whereas
your's isn't - you need to get onto tla ;).

Rob
-- 
GPG key available at: <http://www.robertcollins.net/keys.txt>.

signature.asc
Description: This is a digitally signed message part