From: Baptiste Daroussin
Date: Tue, 29 Mar 2011 05:50:41 +0000
To: Tim Kientzle
Cc: ports@freebsd.org, hackers@freebsd.org, current@freebsd.org
Subject: Re: [ECFT] pkgng 0.1-alpha1: a replacement for pkg_install

2011/3/29 Tim Kientzle:
>>>>> II. Package signing.
>>>>
>>>> That would be really nice.
>>>
>>> Right now we only planned to sign the repo database, so we can trust
>>> the sha256 of the packages stored in the database. Then if the package
>>> has the same sha256 as the one in the repo database it is considered
>>> trusted.
>>> If we want a per-package signing, we would have a tarball in a tarball.
>>
>> I really expected this to have been mentioned already, but this approach (tarball in a tarball) is taken by Debian packages, and I don't remember hearing of any issues related to it. I don't think it's worth discounting from the start without giving some consideration, but I will defer to the people actually doing the work.
>
> If you use libarchive-style streaming, it's even
> pretty straightforward to read and extract such
> things without having to create a bunch of
> temporary files.
>
> You just need to be careful about compression.
>
> Tim
>
>

OK, but what is the problem with signing only the repository and then relying on the digest? I am not sure we need more than this.

Second question: how to sign? pgp? ssl?
The first would be the easiest way to go, but we don't have anything in base to check signatures (maybe in that case we should investigate importing netpgp). ssl, why not? But which algorithm? What would the security officer prefer?

We are OK to investigate that part, but we need more information about what is expected.

regards,
Bapt
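
The trust chain discussed in this thread (sign only the repository database, then accept a package whose sha256 matches the signed entry), as an added example that is not part of the original message and is not pkgng code. The use of openssl with an RSA key, the `catalogue` file layout, the file names and the function names are all assumptions; the thread leaves the signing tool open.

```shell
#!/bin/sh
# Added illustration: catalogue format, file names and key handling are assumptions.

# Print the SHA-256 of a file as bare hex.
file_sha256() {
    openssl dgst -sha256 -r "$1" | cut -d' ' -f1
}

# Repository side: one "<sha256>  <name>" line per package, then sign the catalogue.
build_repo() {   # build_repo <repo_dir> <private_key>
    ( cd "$1" && for p in *.txz; do
          printf '%s  %s\n' "$(file_sha256 "$p")" "$p"
      done > catalogue )
    openssl dgst -sha256 -sign "$2" -out "$1/catalogue.sig" "$1/catalogue"
}

# Client side: a package is trusted only if (1) the catalogue signature verifies
# against the locally held public key and (2) its digest matches the signed entry.
verify_pkg() {   # verify_pkg <repo_dir> <public_key> <package_name>
    openssl dgst -sha256 -verify "$2" -signature "$1/catalogue.sig" \
        "$1/catalogue" >/dev/null 2>&1 || { echo "bad catalogue signature"; return 2; }
    want=$(awk -v n="$3" '$2 == n { print $1 }' "$1/catalogue")
    [ -n "$want" ] || { echo "not in catalogue"; return 3; }
    [ "$(file_sha256 "$1/$3")" = "$want" ] || { echo "digest mismatch"; return 4; }
    echo "trusted"
}

# Constructed sample: throwaway key pair and one fake package in a temp dir.
make_demo_repo() {
    d=$(mktemp -d)
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$d/repo.key" 2>/dev/null
    openssl pkey -in "$d/repo.key" -pubout -out "$d/repo.pub"
    printf 'constructed package payload\n' > "$d/foo-1.0.txz"
    build_repo "$d" "$d/repo.key"
    echo "$d"
}

repo=$(make_demo_repo)
verify_pkg "$repo" "$repo/repo.pub" foo-1.0.txz
rm -rf "$repo"
```

A modified package fails the digest check, and rewriting its catalogue entry to match fails the signature check, which is why one signature over the database covers every package listed in it.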