Re: [Gnu-arch-users] (fairly minor) SECURITY ISSUE
From: Colin Walters
Subject: Re: [Gnu-arch-users] (fairly minor) SECURITY ISSUE
Date: Tue, 20 Jan 2004 18:53:21 -0500

On Tue, 2004-01-20 at 14:18, Tom Lord wrote:
> Anyone care to suggest the best revision?

I think we should take this opportunity to switch to detached
signatures. My proposed implementation is: Each revision directory
will have a subdirectory named "sigs". The contents of this directory
will be a number of files named after the fingerprint of the signing
key. For example:

    patch-4
      ++revision-lock
      log
      checksum
      tla--mainline--1.2--patch-4.patches.tar.gz
      sigs
        25D7D03BB2689DC9E61C7752388909596A765865.sig

The detached signature is on the "checksum" file. The advantages of
this are that it doesn't require parsing the checksum file, and also we
can have multiple people sign a single revision (just add more
signatures in sigs/).

For verification, the checking script will be passed two arguments:
first, a path to the downloaded checksum file, and second, a path to a
directory with the detached signatures.

> (Incidentally, I don't want to have tla itself scan for the "PGP
> SIGNED MESSAGE" line because I don't want tla to depend on using
> pgp-family tools for signing.)

That seems silly to me. In practice, I don't think anyone will use
anything else.
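
Added example, not part of the original message and not tla code: a sketch of the two-argument checking script proposed above, which also confirms that each signature was made by the key its file name claims. The script name, the `GPG` override variable, the function names and the "at least one good signature" policy are assumptions made for illustration.

```sh
#!/bin/sh
# Usage: verify-sigs CHECKSUM_FILE SIGS_DIR   (hypothetical script name)
# Assumes GnuPG; set GPG to use another binary. Whether a key is trusted
# is left to the keyring this runs against.
GPG="${GPG:-gpg}"

# Print the fingerprint a sigs/ file name claims; fail unless the name is
# exactly 40 hex digits followed by ".sig".
claimed_fpr() {
    name=$(basename "$1" .sig)
    case "$name" in
        *[!0-9A-Fa-f]*) return 1 ;;
    esac
    [ "${#name}" -eq 40 ] || return 1
    printf '%s\n' "$name" | tr 'a-f' 'A-F'
}

# Succeed only if gpg reports a valid signature over $1 made by the key
# the file name of $2 claims. The name alone proves nothing.
verify_one() {
    want=$(claimed_fpr "$2") || return 1
    status=$("$GPG" --batch --status-fd 1 --verify "$2" "$1" 2>/dev/null) || return 1
    # VALIDSIG: field 3 is the signing (sub)key, the last field the primary
    # key. Appending "" forces string comparison of all-digit fingerprints.
    printf '%s\n' "$status" | awk -v want="$want" '
        $2 == "VALIDSIG" && (($3 "") == (want "") || ($NF "") == (want "")) { ok = 1 }
        END { exit !ok }'
}

# Print the fingerprint of each signer that verified. Policy here (an
# assumption): at least one good signature is required.
verify_sigs() {
    checksum=$1; sigdir=$2; good=0
    [ -f "$checksum" ] && [ -d "$sigdir" ] || return 2
    for sig in "$sigdir"/*.sig; do
        [ -f "$sig" ] || continue
        if verify_one "$checksum" "$sig"; then
            claimed_fpr "$sig"
            good=$((good + 1))
        else
            echo "rejected: $sig" >&2
        fi
    done
    [ "$good" -gt 0 ]
}

if [ "$#" -eq 2 ]; then verify_sigs "$1" "$2"; fi
```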