
Re: [Gnu-arch-users] (fairly minor) SECURITY ISSUE


From: Colin Walters
Subject: Re: [Gnu-arch-users] (fairly minor) SECURITY ISSUE
Date: Tue, 20 Jan 2004 18:53:21 -0500

On Tue, 2004-01-20 at 14:18, Tom Lord wrote:

> Anyone care to suggest the best revision?

I think we should take this opportunity to switch to detached
signatures.  My proposed implementation is: Each revision directory 
will have a subdirectory named "sigs".  The contents of this directory
will be a number of files named after the fingerprint of the signing
key.  For example:

patch-4
  ++revision-lock
  log
  checksum
  tla--mainline--1.2--patch-4.patches.tar.gz
  sigs
    25D7D03BB2689DC9E61C7752388909596A765865.sig

The detached signature is on the "checksum" file.  The advantages of
this are that it doesn't require parsing the checksum file, and also we
can have multiple people sign a single revision (just add more
signatures in sigs/).

For verification, the checking script will be passed two arguments:
first, a path to the downloaded checksum file, and second, a path to a
directory with the detached signatures.

> (Incidentally, I don't want to have tla itself scan for the "PGP
> SIGNED MESSAGE" line because I don't want tla to depend on using
> pgp-family tools for signing.)

That seems silly to me.  In practice, I don't think anyone will use
anything else.

Attachment: signature.asc
Description: This is a digitally signed message part
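
The checking script proposed in the message above, sketched as an added example; it is not part of the original message and is not tla code. The function names, the use of GnuPG's `--status-fd` output, and the rule that every file in sigs/ must verify are assumptions made for illustration.

```python
import os
import re
import subprocess
import sys

# Files in sigs/ are named after the signing key: <40 hex digits>.sig
FPR_NAME = re.compile(r"^([0-9A-F]{40})\.sig$")

def run_gpg(sig_path, checksum_path):
    """Verify one detached signature; return gpg's machine-readable status lines."""
    proc = subprocess.run(
        ["gpg", "--batch", "--status-fd", "1", "--verify", sig_path, checksum_path],
        stdout=subprocess.PIPE, stderr=subprocess.DEVNULL, text=True)
    return proc.stdout

def valid_fingerprints(status):
    """Signing-key and primary-key fingerprints taken from VALIDSIG status lines."""
    fprs = set()
    for line in status.splitlines():
        parts = line.split()
        if parts[:2] == ["[GNUPG:]", "VALIDSIG"] and len(parts) >= 3:
            fprs.add(parts[2].upper())       # key that made the signature
            if len(parts) >= 12:
                fprs.add(parts[11].upper())  # its primary key, when reported
    return fprs

def verify_revision(checksum_path, sigs_dir, gpg=run_gpg):
    """Map each entry of sigs_dir to True/False.

    A signature counts only when gpg reports VALIDSIG for the same key the
    file is named after, so a valid signature by some other key is rejected.
    """
    results = {}
    for name in sorted(os.listdir(sigs_dir)):
        m = FPR_NAME.match(name)
        if not m:
            results[name] = False            # unexpected file in sigs/
            continue
        status = gpg(os.path.join(sigs_dir, name), checksum_path)
        results[m.group(1)] = m.group(1) in valid_fingerprints(status)
    return results

if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit("usage: check-sigs CHECKSUM_FILE SIGS_DIR")
    outcome = verify_revision(sys.argv[1], sys.argv[2])
    for key, ok in outcome.items():
        print(("GOOD " if ok else "BAD  ") + key)
    # Assumed policy: at least one signature, and all of them must verify.
    sys.exit(0 if outcome and all(outcome.values()) else 1)
```

Because the signature covers the checksum file as raw bytes, the script never has to parse that file, and the fingerprint comparison keeps a signature file from claiming a key other than the one that actually signed.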

