Hi Jeff, thanks for the detailed info. I have couple of questions, hopefully looking for your answer.
2016-01-16 22:59 GMT+01:00 Jeff Johnson <[email protected]>: > > > What remains to be done (in some order) is this: > > 1) confirm the non-repudiable signature exists by building a package and > verifying > the signature (using "rpm -qvvp *.rpm" should be sufficient), and that the > pubkey is > contained within every package. > Which pubkey? OMA or rpmbuild's one ? > > 2) remove the check for "official" pubkey in urpmi. > I do not understand one thing. How user can verify if rpm file which is signed with "one time generated" gpg key is trusted with that virtual-notary certificate ? > > 3) create the manifest format to taste including additional identification > like the non-repudiable pubkey id > I do not understand what non-repudiable means :( > > 4) register the manifest with http://virtual-notary.org and get the > certificate. confirm that the certificate > is consistent with the document. > What do you mean by manifest ? You mean to notarize a document ? http://virtual-notary.org/dispatch/document/input/ > > 5) decide how to add the above steps to the mirroring process, and how to > document the procedure. > This is very unclear to me. Please elaborate on this more because i'd like to understand how that notary should work. > > Apologies for wordiness. Poke me on the irc meeting if you have questions. > > hth > > 73 de Jeff > >
_______________________________________________ OM-Cooker mailing list [email protected] http://ml.openmandriva.org/mailman/listinfo/om-cooker_ml.openmandriva.org
