Should Fedora rpms be signed?
Peter Jones
pjones at redhat.com
Mon Nov 1 17:35:54 UTC 2004
On Fri, 2004-10-29 at 09:44 -0500, Ian Pilcher wrote:
> Jeff Spaleta wrote:
> >
> > Can rawhide packages be automatically signed... of course
> > Does autosigning help the intended, well informed, audience of the
> > rawhide packages... yes
> > Does autosigning hurt the unintended, un-informed or mis-informed
> > audience... i think it does.
> >
>
> So you're suggesting that the use of signed packages should be limited
> by some "least common denominator" of ignorant users? I suspect that
> if you broadly adopt that principle, you won't be real happy with the
> results.
No, this is the wrong problem to discuss. The problem isn't that the
users are ignorant. The problem is that we've systematically taught
them what to expect a signature means, and we're going back and saying
that sometimes -- only sometimes -- it only means part of that.
That's a serious flaw, and it's one we must address before we consider
implementing any sort of automatic signatures. The way to do so is to
separate the task of verifying the source (or even the chain of sources,
if there are mirrors of mirrors) from that of verifying trust of the
contents.
--
Peter
More information about the fedora-test-list
mailing list