Vincent Hanquez <t...@snarc.org> wrote: > > That was exactly my suggestion actually. It requires the ability to > > make and check signatures. The making can be done with external > > tools like GnuPG, but the checking has to be done by cabal-install. > > To detect changed keys there also needs to be a trust database, > > which can be a simple directory in ~/.cabal/ where files are named > > after the fingerprint of the key it contains. > > > > The most important part is a sensible user interface. The whole > > process should be invisible to the user, until there is a signature > > error. The first installation of a package will actually generate a > > handful of signature errors, because the keys are not known yet. > > > > This shouldn't be too hard to implement and requires only a small > > change to Hackage and cabal-install's upload command to begin. > > That's not a proper solution, and definitively in the warm fuzzy > feeling department. > > What if you install a package for the first time and this package has > just been re-uploaded maliciously with a different key and a payload ? > What if you're relying on hackage mirrors, what stop this mirror to > regenerate all signatures with a new key ? > > It also make maintainers change difficult, and doing genuine > non-maintainer upload.
See the last point of my post. The last step is to implement proper web of trust functionality, so that some keys can be declared to be signing keys. Then a set of trusted keys can be shipped together with cabal-install. That step is optional, because at least now I can fetch developer keys by other means like a key server. According to my solution Cabal warns for new and changed keys and asks whether to trust them showing a fingerprint. Greets, Ertugrul -- Key-ID: E5DD8D11 "Ertugrul Soeylemez <e...@ertes.de>" FPrint: BD28 3E3F BE63 BADD 4157 9134 D56A 37FA E5DD 8D11 Keysrv: hkp://subkeys.pgp.net/
signature.asc
Description: PGP signature
_______________________________________________ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
