FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 03-30-2011, 01:25 AM
Aaron Toponce
 
Default Helping Arch Linux with package signing

I'm sure everyone has read the following from LWN [1]. I was just thinking
that Debian has had package signing for a while, and the top users of the
PGP Strong Set [2] (maybe even most of it) are Debian developers. Seeing as
though Debian has such a strong history with OpenPGP and package signing, I
was wondering if we could help them along.

1: https://lwn.net/SubscriberLink/434990/4c611307c60a7ae1/
2: http://pgp.cs.uu.nl/plot/

Dan McGee, the lead Arch Linux developer, has stated [3] that he is willing
to accept patches getting OpenPGP implemented into Pacman and the rest of
Arch.

So, given the history of package signing with Debian, I'm wondering if
there is anything we can do as a project to help another project out. Be it
documentation, how-tos, patches, whatever. It appears to be open for
discussion [4], and even though I'm a hardcore Debian user through and
through, it would be great to see another GNU/Linux operating system step
up in the security ranks.

3: https://lwn.net/Articles/435251/
4: https://bugs.archlinux.org/task/5331

If I'm way out of line, then let me know.

Thoughts?

P.S.: I would have posted this to -devel, but I didn't know if it would be
appropriate or not, and I figured many developers might be on this list
anyway, and if necessary, could cross-post it.

--
. o . o . o . . o o . . . o .
. . o . o o o . o . o o . . o
o o o . o . . o o o o . o o o
 

Thread Tools




All times are GMT. The time now is 04:43 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org