gnu-arch-users

Re: [Gnu-arch-users] Re: arch params


From: James Blackwell
Subject: Re: [Gnu-arch-users] Re: arch params
Date: Tue, 6 Jan 2004 03:38:38 -0500

In lists.arch.users, you wrote:
> On Jan 05 2004, Dustin wrote:
>>      Where can I read about available arch params?
>> 
>>      In particular, is there one I can use to disable this message:
>> 
>> NO CHECKSUMS FOUND FOR REVISION
>>  (unsigned archive, continuing anyway)
>
> There's a howto in the docs-tla tree. In short:
>
>  - create temporary mirror of archive
>  - mirror entire archive there
>  - move original archive out of the way
>  - replace with temporary
>  - remove =meta-info/mirror file from archive
>  - verify that everything is ok before deleting old archive


I think Zander made a very good point about the results of security
conflicting with security. 

While your list above does work great for the original owner of an
archive, it is not useful when mirroring someone else's archive comes
into play. 

In three short days I have come to turn a blind eye to tla's output when
mirroring due to the excessive chattiness of tla both when mirroring
archives which are neither signed nor checksummed and when signatures
are good. If tla were less chatty about good signatures/no checksums
when unsigned, I would be more inclined to look for error messages about
bad signatures.  Despite the heavy warnings that we've got going, only 
1/4 of the archives in the wild are signed.

Thus, I am of the opinion that tla should remain silent when good
signatures are encountered (traditionally, tools should remain silent
unless there is a problem). Furthermore, I think it would be better 
to not gripe about missing checksums on unsigned archives until either
mid 1.2 or early 1.3.

At the very least, since non-checksummed revisions in unsigned archives
are currently a warning (and not an error), the warning should be trimmed
down while people adjust to the new way of doing things. 

-- 
James Blackwell      Using I.T. to bring more             570-407-0488
Owner, Inframix      business to your business     http://inframix.com

GnuPG (ID 06357400) AAE4 8C76 58DA 5902 761D  247A 8A55 DA73 0635 7400



