Mickael,
Thanks.
More comments below.
On 03.01.2022 13:18, Mickael Istria wrote:
> On Mon, Jan 3, 2022 at 11:55 AM Ed Merks <ed.me...@gmail.com> wrote:
>> Is there a bug here? I don't think we can expect the users to
>> grant trust on the basis of some hexadecimal numbers...
> Actually, they can grant trust based on those numbers because users
> should verify those signers are trusted, e.g. by checking whether the
> ids are matching some verified keys in some external PGP services.
> But indeed, the UI is still rough and still needs to be improved.
I've opened https://bugs.eclipse.org/bugs/show_bug.cgi?id=578024 to
track this issue. Minimally the help for the dialog should describe
how to find such external PGP services and in our case specifically how
to verify that this is an Eclipse project's key. We can discuss the
details there. I can try to help iron out the wrinkles...
>> Where/what is the best way for asking question and for discussing
>> the implementation details? I posted on platform-dev because the
>> entire platform is affected by these design decisions, but perhaps
>> I should restrict this to p2-dev or elsewhere?
> Bugs against p2 are the best channel IMO.
So, for example, if I have the question "is it guaranteed that two
different org.bouncycastle.openpgp.PGPPublicKey instances might have the
same org.bouncycastle.openpgp.PGPPublicKey.getKeyID() values" that
should be a p2 Bugzilla? I wouldn't ask that on platform-dev but I
would have thought to ask on p2-dev rather than open a question
Bugzilla. I see no reason to assume that the getKeyID values are
unique, though I suppose the chances of collisions are vanishingly small
(and downstream utility classes seem to assume this).
>> I expect there is a concern about the size of many such
>> duplicate keys, but with both jar and *.xz compression that isn't
>> really so much a problem. I.e., 1000 copies of the key have
>> minimal impact on the size of the compressed artifacts, as seen here where
>> the artifacts.xml has 1000 copies of the key:
> OK, I probably made a wrong estimation back then, and maybe adding the
> signer key to each artifact would be preferable.
>> And even the
>> org.eclipse.equinox.p2.tests.engine.CertificateCheckerTest.testPGPSignedArtifactUntrustedKey()
>> test works that way...
> Yes, this is supposed to work with key as artifact property. The
> metrics you shared seem to highlight it would be a better approach, so
> please open a bug to Platform/Releng so we can try to improve that.
I've opened https://bugs.eclipse.org/bugs/show_bug.cgi?id=578023 to
track this issue.
_______________________________________________
platform-dev mailing list
platform-dev@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/platform-dev
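On the getKeyID() question raised in the message above: for OpenPGP version 4 keys the key ID is the low-order 64 bits of the SHA-1 fingerprint (RFC 4880, section 12.2), so two different keys can share a key ID, and a trust decision is safer when it compares the full fingerprint (in Bouncy Castle, `PGPPublicKey.getFingerprint()`). The following is an added example, not p2 or Bouncy Castle code; it uses only the JDK, and the class name, the trust store and all sample bytes are constructed for illustration.

```java
import java.nio.ByteBuffer;
import java.security.MessageDigest;
import java.util.*;

public class KeyIdVsFingerprint {
    // RFC 4880 section 12.2: V4 fingerprint = SHA-1(0x99 || 2-octet length || public-key packet body).
    static byte[] v4Fingerprint(byte[] packetBody) throws Exception {
        MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
        sha1.update((byte) 0x99);
        sha1.update((byte) (packetBody.length >> 8));
        sha1.update((byte) packetBody.length);
        return sha1.digest(packetBody);
    }

    // The V4 key ID is only the last 8 octets (low-order 64 bits) of the fingerprint.
    static long keyId(byte[] fingerprint) {
        return ByteBuffer.wrap(fingerprint, fingerprint.length - 8, 8).getLong();
    }

    // Hypothetical trust store: the key ID is a lookup hint, the full fingerprint decides.
    // ByteBuffer is used as the set element because it compares by content.
    static final Map<Long, Set<ByteBuffer>> TRUSTED = new HashMap<>();

    static void trust(byte[] fingerprint) {
        TRUSTED.computeIfAbsent(keyId(fingerprint), k -> new HashSet<>())
               .add(ByteBuffer.wrap(fingerprint.clone()));
    }

    static boolean isTrusted(byte[] fingerprint) {
        return TRUSTED.getOrDefault(keyId(fingerprint), Collections.emptySet())
                      .contains(ByteBuffer.wrap(fingerprint));
    }

    public static void main(String[] args) throws Exception {
        // Constructed stand-in for a public-key packet body (version octet 4, then filler bytes);
        // it is not a valid key and only feeds the hash.
        byte[] fpTrusted = v4Fingerprint(new byte[] {4, 0, 0, 0, 1, 1, 0, 8, (byte) 0xC3});
        // Constructed 20-byte value that shares its last 8 octets with fpTrusted:
        // the same key ID, but a different fingerprint.
        byte[] fpOther = fpTrusted.clone();
        fpOther[0] ^= 0x01;

        trust(fpTrusted);
        System.out.printf("key IDs equal:      %b%n", keyId(fpTrusted) == keyId(fpOther));
        System.out.printf("fingerprints equal: %b%n", Arrays.equals(fpTrusted, fpOther));
        System.out.printf("first trusted:      %b%n", isTrusted(fpTrusted));
        System.out.printf("second trusted:     %b%n", isTrusted(fpOther));
    }
}
```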