Date:      Mon, 28 Mar 2011 21:15:41 -0700
From:      Tim Kientzle <kientzle@freebsd.org>
To:        Benjamin Kaduk <kaduk@MIT.EDU>
Cc:        ports@freebsd.org, Baptiste Daroussin <bapt@freebsd.org>, hackers@freebsd.org, Julien Laffaye <jlaffaye@freebsd.org>
Subject:   Re: [ECFT] pkgng 0.1-alpha1: a replacement for pkg_install
Message-ID:  <DF9D9589-56C3-40DF-992F-9F62A2FC1173@freebsd.org>
In-Reply-To: <alpine.GSO.1.10.1103282328340.19944@multics.mit.edu>
References:  <20110325101111.GA36840__48943.3474642739$1301049771$gmane$org@azathoth.lan> <4D90C8EA.2000901@freebsd.org> <AANLkTinaz9Y6kgjQvdS1Pu%2Bkay50DUs6FubcbCxcc3W2@mail.gmail.com> <AANLkTi=uPaaxUVUDL3CPWByOeOZ2TjziUbrY7pJLQyAa@mail.gmail.com> <alpine.GSO.1.10.1103282328340.19944@multics.mit.edu>

>>>> II. Package signing.
>>>
>>> That would be really nice.
>>
>> Right now we only planned to sign the repo database, so we can trust
>> the sha256 of the packages stored in the database. Then if the package
>> has the same sha256 as the one in the repo database it is considered
>> trusted.
>> If we want a per-package signing, we would have a tarball in a tarball.
>
> I really expected this to have been mentioned already, but this approach
> (tarball in a tarball) is taken by Debian packages, and I don't remember
> hearing of any issues related to it.  I don't think it's worth discounting
> from the start without giving some consideration, but I will defer to the
> people actually doing the work.

If you use libarchive-style streaming, it's even
pretty straightforward to read and extract such
things without having to create a bunch of
temporary files.

You just need to be careful about compression.

Tim
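
The streaming read described above, as an added example that is not part of the original message or of pkgng: Python's `tarfile` stream mode stands in for libarchive, and the inner tarball is walked and hashed in one pass with no temporary files. The names `stream_nested`, `HashingReader`, `build_sample` and `payload.tar.gz` are hypothetical, and the unpacked-size cap is an added precaution, not something the message specifies.

```python
# Added example; names are hypothetical and the sample archive is constructed.
import hashlib, io, tarfile

class HashingReader:
    """Read-only wrapper that hashes every byte pulled through it."""
    def __init__(self, raw):
        self.raw, self.sha256 = raw, hashlib.sha256()
    def read(self, size=-1):
        data = self.raw.read(size)
        self.sha256.update(data)
        return data

def stream_nested(outer_fileobj, inner_name, max_unpacked=1 << 20):
    """Return (sha256 hex of the stored inner tarball, [(member, size), ...])."""
    with tarfile.open(fileobj=outer_fileobj, mode="r|") as outer:  # forward-only
        for entry in outer:
            if entry.name != inner_name or not entry.isfile():
                continue
            reader = HashingReader(outer.extractfile(entry))
            members, unpacked = [], 0
            with tarfile.open(fileobj=reader, mode="r|*") as inner:  # detects gzip etc.
                for m in inner:
                    f = inner.extractfile(m) if m.isfile() else None
                    while f and (chunk := f.read(65536)):
                        unpacked += len(chunk)  # counts decompressed bytes
                        if unpacked > max_unpacked:  # assumed cap on expansion
                            raise ValueError("inner archive exceeds unpacked-size cap")
                    members.append((m.name, m.size))
            while reader.read(65536):  # drain so the digest covers every stored byte
                pass
            return reader.sha256.hexdigest(), members
    raise KeyError(inner_name)

def build_sample():
    """Constructed sample: outer tar holding payload.tar.gz (two small files)."""
    def pack(mode, files):
        buf = io.BytesIO()
        with tarfile.open(fileobj=buf, mode=mode) as t:
            for name, data in files:
                info = tarfile.TarInfo(name)
                info.size = len(data)
                t.addfile(info, io.BytesIO(data))
        return buf.getvalue()
    inner = pack("w:gz", [("bin/hello", b"#!/bin/sh\necho hi\n"), ("+MANIFEST", b"name: hello\n")])
    return pack("w", [("payload.tar.gz", inner)]), inner

if __name__ == "__main__":
    outer_bytes, _ = build_sample()
    print(stream_nested(io.BytesIO(outer_bytes), "payload.tar.gz"))
```

The returned digest is the value that would be compared with the sha256 recorded in the signed repo database from the quoted text; a real installer would hold back any extracted files until that comparison succeeds.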
