mock: enable gpgcheck for f8 config file

Michael E Brown Michael_E_Brown at dell.com
Thu Jan 3 22:57:45 UTC 2008


On Thu, Jan 03, 2008 at 05:22:27PM -0500, seth vidal wrote:
> 
> On Thu, 2008-01-03 at 23:18 +0100, Till Maas wrote:
> > On Do Januar 3 2008, seth vidal wrote:
> > 
> > > it uses urlgrabber which uses urllib[2] underneath. ssl connections
> > > specific ca to focus on.
> > >
> > > but what does this have to do with gpg certs? gpg certs aren't ssl
> > > certs.
> > 
> > When yum (rpm?) verifies ssl certificates for https urls to acquire gpgkeys, 
> > it is possible to use these urls in the mock config, without losing (much) 
> > security.
> 
> too many options here:
> 1. rpm has nothing to do, in yum, with downloading gpg keys or packages.
> 2. you want to use an ssl cert to verify the location we're retrieving
> the gpg keys from? And you want to use a special CA to guarantee we have
> the right one?
> 3. What's the LOSS of security you're worried with?

I believe that Till is concerned with establishing a chain-of-trust so
that we know the output RPMs from mock are good. This chain starts at
the mock binary and goes to the mirror we download the RPMs from for the
chroot. We have to have a way to know that what we are downloading from
the mirror has not been compromised in any way.

Till, from a maintenance standpoint, I favor simply adding an https url
for the gpg keys. From a security perspective, it would most likely be
best if mock included the respective keys.

If mock is going to include keys, you should name them after the
respective mock configs so it is easy to see when we can drop specific
keys. RPM-GPG-KEY-fedora-8-x86_64 or something similar.
--
Michael
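
Added example, not part of the message above and not mock's own code: a check over the yum.conf text that a mock config embeds, flagging repos where gpgcheck is off or where the gpg key is fetched over plain http instead of https or a key file shipped with mock (the two options weighed above). The sample config, host names and the /etc/mock/keys path are constructed, and a repo with no gpgcheck setting anywhere is assumed to be unchecked.

```python
import configparser
from urllib.parse import urlparse

# Constructed sample of the yum.conf text embedded in a mock config.
# Hosts and the /etc/mock/keys path are hypothetical, for illustration only.
SAMPLE_YUM_CONF = """
[main]
gpgcheck=0

[fedora]
baseurl=http://mirror.example.org/fedora/8/x86_64/os/
gpgcheck=1
gpgkey=http://mirror.example.org/RPM-GPG-KEY-fedora

[updates]
baseurl=http://mirror.example.org/updates/8/x86_64/
gpgcheck=1
gpgkey=file:///etc/mock/keys/RPM-GPG-KEY-fedora-8-x86_64

[local]
baseurl=http://builds.example.org/local/
"""

def audit_yum_conf(text):
    """Return {repo: [findings]} for repos whose packages or keys are unauthenticated."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    default = cp.get("main", "gpgcheck", fallback="0")  # assumption: unset means off
    findings = {}
    for repo in cp.sections():
        if repo == "main":
            continue
        issues = []
        if cp.get(repo, "gpgcheck", fallback=default).strip() not in ("1", "true", "yes"):
            issues.append("gpgcheck disabled")
        else:
            keys = cp.get(repo, "gpgkey", fallback="").split()
            if not keys:
                issues.append("gpgcheck enabled but no gpgkey configured")
            for url in keys:
                if urlparse(url).scheme not in ("https", "file"):
                    issues.append("gpgkey fetched over unauthenticated transport: " + url)
        if issues:
            findings[repo] = issues
    return findings

if __name__ == "__main__":
    for repo, issues in audit_yum_conf(SAMPLE_YUM_CONF).items():
        print(repo, issues)
```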



