Florian Weimer writes ("Re: buildds: "Authentication warning overridden.""):
> In this case, HTTPS should be used to download the packages, together
> with proper certificate validation. This has got the added benefit that
> passwords aren't sent in the clear
On Sun, Nov 11, 2007 at 09:24:12AM -0800, Steve Langasek wrote:
> On Sun, Nov 11, 2007 at 01:27:14PM +0100, Florian Weimer wrote:
> > * Wouter Verhelst:
>
> > > That's inevitable because http://incoming.debian.org is not signed; The
> > > update frequency of that repository (which is available onl
On Sun, Nov 11, 2007 at 01:27:14PM +0100, Florian Weimer wrote:
> * Wouter Verhelst:
> > That's inevitable because http://incoming.debian.org is not signed; The
> > update frequency of that repository (which is available only to buildd
> > hosts by IP and/or password protection) makes that impossib
On Sun, Nov 11, 2007 at 09:24:12AM -0800, Steve Langasek wrote:
> On Sun, Nov 11, 2007 at 01:27:14PM +0100, Florian Weimer wrote:
> > * Wouter Verhelst:
>
> > > That's inevitable because http://incoming.debian.org is not signed; The
> > > update frequency of that repository (which is available onl
Michael Banck wrote:
>
> Assuming that compromised mirrors get quickly identified by people using
> signatures, and buildd packages having to be uploaded directly, the
> amount of compromised packages this way is probably small, so they can
> be rebuilt using packages from another mirror, after th
On Sun, Nov 11, 2007 at 01:27:14PM +0100, Florian Weimer wrote:
> * Wouter Verhelst:
> > That's inevitable because http://incoming.debian.org is not signed; The
> > update frequency of that repository (which is available only to buildd
> > hosts by IP and/or password protection) makes that impossi
* Wouter Verhelst:
> That's inevitable because http://incoming.debian.org is not signed; The
> update frequency of that repository (which is available only to buildd
> hosts by IP and/or password protection) makes that impossible -- or at
> least that's what I understood; you may want to check wit
* Michael Banck:
> Assuming that compromised mirrors get quickly identified by people using
> signatures, and buildd packages having to be uploaded directly, the
> amount of compromised packages this way is probably small, so they can
> be rebuilt using packages from another mirror, after the buil
On Fri, Nov 09, 2007 at 06:53:12PM -0600, Raphael Geissert wrote:
> Hi all,
>
> It's not uncommon to see buildds (actually build tools) override the
> package/Release signature warning.
That's inevitable because http://incoming.debian.org is not signed; The
update frequency of that repository (wh
On Fri, Nov 09, 2007 at 08:54:06PM -0600, Raphael Geissert wrote:
> Michael Banck wrote:
> > Won't somebody else stop the attack in their place then, who does check
> > the signatures?
>
> If a mirror is compromised, unless I'm missing something, it won't be
> updated until ftp-master sends a mirr
Michael Banck wrote:
>
> Won't somebody else stop the attack in their place then, who does check
> the signatures?
If a mirror is compromised, unless I'm missing something, it won't be
updated until ftp-master sends a mirror push. And the period of time
between the last mirror push, the compromis
On Fri, Nov 09, 2007 at 08:00:15PM -0600, Raphael Geissert wrote:
> Steve McIntyre wrote:
> > That's all well and good, but the buildds also depend on using
> > packages from (for example) incoming, which it is not feasible to
> > sign.
>
> Even tough incoming is not signed, packages require a val
[I read the list, no need to reply To me, thanks]
Steve McIntyre wrote:
>
> That's all well and good, but the buildds also depend on using
> packages from (for example) incoming, which it is not feasible to
> sign.
>
Even tough incoming is not signed, packages require a valid DD/similar
signatu
Raphael Geissert wrote:
>Hi all,
>
>It's not uncommon to see buildds (actually build tools) override the
>package/Release signature warning.
>So I was wondering, what is the point of having such a signatures
>verification system if the build systems do not care about them?
>
>I know the main target
Hi all,
It's not uncommon to see buildds (actually build tools) override the
package/Release signature warning.
So I was wondering, what is the point of having such a signatures
verification system if the build systems do not care about them?
I know the main target is to prevent end users from do
15 matches
Mail list logo