[mirror-admin] excessive churn on linux/development/
Jesse Keating
jkeating at redhat.com
Mon Sep 29 18:08:56 EDT 2008
On Sat, 2008-09-20 at 23:14 +0300, Axel Thimm wrote:
> A bit off-topic, but how is this going to play out when updating from
> F<N> to F<N+1> or later? The new key will have to be accepted by the
> user each time?
>
> Wouldn't that open the possibility of spoofed updates? If the users
> get accustomed to always acking a new key on release updates will they
> really check whether any fingerprints of new keys match those from the
> Fedora Project, or will they happily accept keys and packages from a
> compromised mirror on F9->F10 updates (or F9->F11, F10->F11 etc.)?
>
> Ideally there is some trust transitivity mechanism in place like a
> master key signing those keys or similar.
>
> Just playing the devil's advocate.
I think ideally the installer media would install/trust the new keys
upon upgrade. User places trust in the media as it is, trying to accept
the key after the fact is just a bit silly.
As far as folks who do yum upgrade, that's going to be one thing they
have to deal with, and they'll probably check it just as often as people
check it today, which is not much.
--
Jesse Keating
Fedora -- Freedom² is a feature!
identi.ca: http://identi.ca/jkeating
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://mail.ale.org/pipermail/mirror-admin/attachments/20080929/1d6b22ee/attachment.bin
-------------- next part --------------
--
More information about the Mirror-admin
mailing list