* martin f. krafft: > also sprach Henrique de Moraes Holschuh <[EMAIL PROTECTED]> [2005.08.27.1540 > +0200]: >> > security.debian.org already is a Single Point of Ownership. I don't >> > think we need multiple ones, so this is definitely a post-etch thing. >> >> Irrelevant if secure apt is deployed correctly. > > No. Imagine exim gets a root exploit and I spoof the DNS to some > mirror of s.d.o. That mirror will be consistent wrt secure APT, but > it won't get updates, so admins who don't follow DSAs and run > apt-get upgrade consciously and carefully are going to be left in > the naive belief that they are safe because s.d.o doesn't have any > new stuff.
You can address this with timestamp signatures, but I doubt it is worth the complexity. A prerequisite would be replacing pool.ntp.org and providing our own secure time source, and this is probably not something we want to do. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]