From owner-freebsd-chat@FreeBSD.ORG Sat Jun 21 20:52:26 2003 Return-Path: Delivered-To: freebsd-chat@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 636BF37B405; Sat, 21 Jun 2003 20:52:26 -0700 (PDT) Received: from mta02-svc.ntlworld.com (mta02-svc.ntlworld.com [62.253.162.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4A2C443F75; Sat, 21 Jun 2003 20:52:24 -0700 (PDT) (envelope-from colin.percival@wadham.ox.ac.uk) Received: from piii600.wadham.ox.ac.uk ([81.103.196.4]) by mta02-svc.ntlworld.comESMTP <20030622035222.MLHR4771.mta02-svc.ntlworld.com@piii600.wadham.ox.ac.uk>; Sun, 22 Jun 2003 04:52:22 +0100 Message-Id: <5.0.2.1.1.20030622044124.02cc0948@popserver.sfu.ca> X-Sender: cperciva@popserver.sfu.ca X-Mailer: QUALCOMM Windows Eudora Version 5.0.2 Date: Sun, 22 Jun 2003 04:52:19 +0100 To: David Schultz From: Colin Percival In-Reply-To: <20030622033625.GA60460@HAL9000.homeunix.com> References: <5.0.2.1.1.20030622022111.02c1cdf8@popserver.sfu.ca> <5.0.2.1.1.20030621193449.02c91ce8@popserver.sfu.ca> <5.0.2.1.1.20030621175853.02c92e00@popserver.sfu.ca> <20030621163835.GA18653@tulip.epweb.co.za> <5.0.2.1.1.20030621175853.02c92e00@popserver.sfu.ca> <5.0.2.1.1.20030621193449.02c91ce8@popserver.sfu.ca> <5.0.2.1.1.20030622022111.02c1cdf8@popserver.sfu.ca> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed cc: chat@FreeBSD.org Subject: Re: Cryptographically enabled ports tree. X-BeenThere: freebsd-chat@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Non technical items related to the community List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 22 Jun 2003 03:52:26 -0000 At 20:36 21/06/2003 -0700, David Schultz wrote: >On Sun, Jun 22, 2003, Colin Percival wrote: > > What we need is something integrated into the CVS system which rebuilds > > the necessary signatures every time the ports tree is modified, and > commits > > those into the CVS tree. Any CVS experts around who could say how to do > > this? > >You don't even have to do that. The tree just needs to be signed >once for every release. If that's all you want, download the release ISO image; you can verify its MD5 hash against the signed announcement, mount the ISO, and install the ports tree. >I don't >see why people need to update their ports tree more often than >once a release. Well, there are these ugly things called security bugs. >Granted, anyone who wanted to offer a (less secure) daily port >tree signing service or something, they could easily do so with >access to cvsup-master. True, but that wouldn't be transparent. People would have to tell cvsup to fetch a particular snapshot of the ports tree, to match the most recent signature; much better if they can cvsup as per normal, get the latest versions of everything, and have the signature come along automatically. > (It used to be you could talk to jdp@ for >this; I'm not sure who is responsible now.) cvsup-master is now owned by kuriyama@. > Actually, I'm not >sure whether cvsup's authentication is one-way or two-way, though. Two-way. Colin Percival