[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Gnu-arch-users] Re: signatures and checking
From: |
Miles Bader |
Subject: |
[Gnu-arch-users] Re: signatures and checking |
Date: |
27 Jan 2004 10:26:51 +0900 |
Tom Lord <address@hidden> writes:
> So I'm back to thinking that the right short term fix for the security
> issue is just to provide, say, an awk script that users can use
> instead of calling gpg (or agpg or whatever) directly in their .check
> files.
>
> And the right long-term fix is to ask for a new option in gpg.
I'm confused as to why the two issues -- (1) whether the signed checksum
file is parseable without a checker, and (2) how to ensure you get the
signed contents when you _do_ have a checker -- are related.
Surely you can just treat the two cases separately:
Ask gpg (or whatever) to deliver the contents in case (2), by having a
`.arch-params/signing/*.contents' script, and just parse them directly in
case (1) (which is when you _don't_ have the script).
This would do the right thing, be simple to implement, not require any
awk scripts, and not require any new options to gpg....
-Miles
--
"Though they may have different meanings, the cries of 'Yeeeee-haw!' and
'Allahu akbar!' are, in spirit, not actually all that different."
- [Gnu-arch-users] signatures and checking, Tom Lord, 2004/01/26
- [Gnu-arch-users] Re: signatures and checking, Samuel Tardieu, 2004/01/26
- [Gnu-arch-users] Re: signatures and checking,
Miles Bader <=
- [Gnu-arch-users] Re: signatures and checking, Tom Lord, 2004/01/26
- [Gnu-arch-users] Re: signatures and checking, Tom Lord, 2004/01/26
- Re: [Gnu-arch-users] Re: signatures and checking, Andrew Suffield, 2004/01/26
- Re: [Gnu-arch-users] Re: signatures and checking, Tom Lord, 2004/01/26
- Re: [Gnu-arch-users] Re: signatures and checking, Robert Collins, 2004/01/27
- Re: [Gnu-arch-users] Re: signatures and checking, Tom Lord, 2004/01/27
- [Gnu-arch-users] Re: signatures and checking, Neil Stevens, 2004/01/26
Re: [Gnu-arch-users] signatures and checking, Andrew Suffield, 2004/01/26
Re: [Gnu-arch-users] signatures and checking, Robert Collins, 2004/01/27