>IMHO there is no lack of interesting ideas - what we really need are
>implementations. 

Ja.  I just have to find the time.  :)

>apt-check-sigs is a nice proof-of-concept, and the debsigs stuff could
>also improve security significantly. Together, I'd say they'd suffice to
>make the debian mirrors extremely tamper-proof. 
>But apt-check-sigs is lacking nice integration into existing tools, and
>debsigs doesn't really work, because packages are not signed, which is
>IMHO caused by inappropriate helper tools at packaging time.

Hrm.  I guess I'll have to check into those.

>So implementing these tools, and then changing policy to make package
>signatures mandatory, seems to be the most feasible approach.

Making package sigs mandatory is the critical bit, IMHO.


-Joseph

-- 
[EMAIL PROTECTED]
"Alt text doesn't pop up unless you use an ancient browser from the days of
 yore. The relevant standards clearly indicate that it should not, and I
 only know about one browser released in the last two years that violates
 this, and it's still claiming compatibility with Mozilla 4 (which was
 obsolete quite long ago), so it really can't be considered a modern
 browser."  --jonadab, in a slashdot.org comment.

Reply via email to