[katello-devel] GPG keys - proposed solution

[Ohad Levy]

----- Original Message -----
| On 11/16/2011 03:44 AM, Ohad Levy wrote:
| > now, my question is concerned security:
| > pulp trust the repo based of the ssl cert, and the client trust the
| > packages based on the gpg key (and ssl), however, in this case, if
| > someone was to hijack the repo, he could replace the gpg key as
| > well (meaning ssl certs is all that is required), does anyone see
| > an issue with that?
| 
| What if the gpgkey was in another location, not tied to the repo?
| Then
| they would need to hikjack both. Would that be better?
| 
I guess what we could do, is to keep the gpg key within katello (and not the url itself), this would allow the user to upload the gpg key for his custom repo and subscription-manager(?) to fetch it from katello when configuring yum.


Ohad