FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > ArchLinux > ArchLinux Pacman Development

 
 
LinkBack Thread Tools
 
Old 02-04-2011, 12:41 AM
Denis A. Altoé Falqueto
 
Default Check signature used to verify is not only good but is also in a list of accepted keys

Hi, Allan and friends

I'm working on the items of the todo list [1] for package signing and
have a question with the item of the subject of this email.

Basically, what should be the list of accepted keys? The keys in
pacman's keyring? Probably yes, isn't it? So the signature is made
with a key from user's keyring (be it the default or one passed as
parameter) and the verifying should be made with pacman's keyring?

Just asking to be sure.

[1] https://wiki.archlinux.org/index.php/User:Allan/Package_Signing

--
-------------------------------------------
Denis A. Altoe Falqueto
Linux user #524555
-------------------------------------------
 
Old 02-04-2011, 01:05 AM
Denis A. Altoé Falqueto
 
Default Check signature used to verify is not only good but is also in a list of accepted keys

On Fri, Feb 4, 2011 at 12:10 AM, Allan McRae <allan@archlinux.org> wrote:
> Essentially I am not so sure myself!
>
> This TODO came from a note in the "repo-add: add -v/--verify option" commit
> message. * But in the end, I would think the pacman keyring should be used
> for verification here as separation from the users keyring is probably
> preferable.

Fine, I'll implement it and we can discuss it further when I submit the patches.

Thanks!

--
A: Because it obfuscates the reading.
Q: Why is top posting so bad?

-------------------------------------------
Denis A. Altoe Falqueto
Linux user #524555
-------------------------------------------
 
Old 02-04-2011, 01:10 AM
Allan McRae
 
Default Check signature used to verify is not only good but is also in a list of accepted keys

On 04/02/11 11:41, Denis A. Altoé Falqueto wrote:

Hi, Allan and friends

I'm working on the items of the todo list [1] for package signing and
have a question with the item of the subject of this email.

Basically, what should be the list of accepted keys? The keys in
pacman's keyring? Probably yes, isn't it? So the signature is made
with a key from user's keyring (be it the default or one passed as
parameter) and the verifying should be made with pacman's keyring?

Just asking to be sure.

[1] https://wiki.archlinux.org/index.php/User:Allan/Package_Signing




Essentially I am not so sure myself!

This TODO came from a note in the "repo-add: add -v/--verify option"
commit message. But in the end, I would think the pacman keyring
should be used for verification here as separation from the users
keyring is probably preferable.


Allan
 

Thread Tools




All times are GMT. The time now is 10:12 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org