gnu-arch-users

Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch


From: Robert Collins
Subject: Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch
Date: Mon, 08 Dec 2003 08:55:50 +1100

On Mon, 2003-12-08 at 08:48, Karel Gardas wrote:
> > For users wanting to gpg check in phase 1, it's easy: archive-mirror to
> > the local disk, with copying signatures enabled. Then run the integrity
> > checking script Tom proposed.
> 
> Aha, now I understand, you are talking about support for signatures on
> commit, etc. (i.e. pushing something into the archive) and avoiding any
> support for sigs. verification when the changeset is used. Yes, whole
> archive verification is quite easy scripting work...

Not avoiding, just ignoring ;). The signatures will be available after
all.

> In fact, during my thinking about the topic I came up with the reverse idea:
> verify signatures on get/etc. but sign changesets manually directly in
> archive + push-mirror change to push dump-copy of sign files.

Ah. Well, for remote archives (i.e. http/ftp) there is an obvious hole -
that is that you don't trust the transport. So signing before upload is
important.

Rob

-- 
GPG key available at: <http://www.robertcollins.net/keys.txt>.

Attachment: signature.asc
Description: This is a digitally signed message part

