[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch
From: |
Karel Gardas |
Subject: |
Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch |
Date: |
Mon, 8 Dec 2003 08:48:07 +0100 (CET) |
On Mon, 8 Dec 2003, Robert Collins wrote:
> On Mon, 2003-12-08 at 08:42, Karel Gardas wrote:
> > > I suggest --gpg-key=<string> to commit, and have no field name to
> > > suggest at this point.
> >
> > Hmm, is this really worth the effort of added complexity to support
> > optional resigning instead of dump-copy of signatures?
>
> Yes.
> Trivial case: uploading from an unsigned mirror to a signed public
> mirror.
This might be changed to script signing whole mirror + push-mirror of
signed archive.
> Trivial case: The public mirror is to be all signed by the 'authorised
> uploader', not the individual contributors.
This might be the case, but it apply only to multi-developer archives and
is not IMHO showstopper => doesn't need to be addressed in your
"immediate" solution.
> > BTW: for x509 you will need to change --gpg-key to something else. What
> > about to use: --sign-key=<string> --sign-mech=<mech>, where mech might be
> > ``gpg'' or ``x509'' or others...
>
> Wouldn't it make sense to simply use x509 all the time ?
I don't think so, since many people do not have their own x509
certificate, but they seem to use OpenPGP.
> Alternatively, we could have a gpg-options="--sign-key=rbtcollins
> --sign-mech=x509" tla command, which is then passed through to gpg.
Do not forget, that for example BSD community will at least like to use
non-gpl solution here: i.e. pgp, openssl. -- which IMHO should also be
supported.
Cheers,
Karel
--
Karel Gardas address@hidden
ObjectSecurity Ltd. http://www.objectsecurity.com
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, (continued)
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Charles Duffy, 2003/12/07
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Thomas Zander, 2003/12/08
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Thomas Zander, 2003/12/08
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Tom Lord, 2003/12/08
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Thomas Zander, 2003/12/08
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Tom Lord, 2003/12/08
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Thomas Zander, 2003/12/08
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Andrew Suffield, 2003/12/08
Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Karel Gardas, 2003/12/07
Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Karel Gardas, 2003/12/07
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Tom Lord, 2003/12/07
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Karel Gardas, 2003/12/07
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Robert Collins, 2003/12/07
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Karel Gardas, 2003/12/07
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Robert Collins, 2003/12/07
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Karel Gardas, 2003/12/08