Date: Wed, 29 Jun 2016 23:57:13 +0000 From: Glen Barber <gjb@FreeBSD.org> To: Colin Percival <cperciva@freebsd.org> Cc: Bryan Drewery <bdrewery@FreeBSD.org>, Yuri <yuri@rawbw.com>, freebsd-pkgbase@FreeBSD.org Subject: Re: Are signatures of system images verified? Message-ID: <20160629235713.GQ1453@FreeBSD.org> In-Reply-To: <aeab12fa-f0f1-8823-84e4-ab065440a183@freebsd.org> References: <2cde3a9e-8b4d-8c5e-408a-053710986e29@rawbw.com> <20160629213252.GI1453@FreeBSD.org> <5f72274d-6932-fbf2-8abd-86a865aec0d1@rawbw.com> <20160629215944.GJ1453@FreeBSD.org> <7ac94438-4d39-2695-7b79-9ce04373e7e1@rawbw.com> <20160629230324.GL1453@FreeBSD.org> <5d642659-944b-d65d-9fc9-2aeab36acd98@FreeBSD.org> <aeab12fa-f0f1-8823-84e4-ab065440a183@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--/Ocr+Jy+jPJR1APa Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Jun 29, 2016 at 04:50:55PM -0700, Colin Percival wrote: > On 06/29/16 16:38, Bryan Drewery wrote: > > Around that time (January 2016), Colin Percival has been maintaining a > > copy of the MANIFESTS in ports-mgmt/poudriere as well. >=20 > For the record, I obtained these files by downloading the release ISOs, > verifying their hashes against the signed release announcements, and > then extracting the MANIFEST files from the ISOs, and I intend to do > this for future releases as well. I think the consensus was that this > was a better option than adding "commit MANIFEST files to the ports > tree" to the already very lengthy release engineering checklist, but > of course I'd have no objection to handing over this task if re@ wanted > it for some reason. :-) >=20 There are other (valid) reasons for having these signed "somewhere". I'm sure there are more use cases than bootonly.iso and poudriere that use these files. So, it's on my list, but since we have the MANIFESTs you already gathered, no immediate plan to make this retroactive. Glen --/Ocr+Jy+jPJR1APa Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJXdGBZAAoJEAMUWKVHj+KT3PEP/RG1XDClfDPi8hShLa7eq5Si hJEvFYXCeA2KmSDmFsEP2wjMcRGZn8BDzqUTE/GonVfjgkKU6yn/1+pBnQByrb+i MkV8ZJ+8VmJxrsRMiRHvugSA72Y8HTWVwf4xD06inbWf6V2e/3zwaLxFURN29i8M c1gMKr1Dw2EB9gdTyDS5pIXxQEj7WL4ojX6QK+1QaTNU5PMCXUauUNyk5qYH5nuJ ur+TN1qc9xDtLOn+ZUD5ygThl5Q5QpmVmHALHt0fgzFR7CYoIjhdJYQrxy+AVGNm gKSQLStsysmPkW9lvYXj94H/pIcTBLxuRUaDvbAEfaZtJPHt+EtnwGC1FbjuBEAj 4zbWb7z989uMVBhhl2CViOgiOV98K457gbicbvpEFaDFNaGoUQAO87Pq3Uvt9qgH 0BwDZFLfD0xynEBX4BSf9/hmTvzv9fKKuop4EBvzoxaME8hSZhMdc+KgIaY7Al3D uIGmt2/WUhzheFGse2DODjOnBHE/Bs4bhNM99QQq4OwQoszITfaI9tqYMcGMWAMp TIXTSu+eb/oPQMPnr4NItUM+b8lIqeaLjy634i87ogWA7Iz4My4pf0yaU3aE/4QD MEVtkatIm+wEuKa+n0RFk2caVyaZ1sJtokSlHG+1SrwlujpanQbWo9wJ8Zu35Wmd qD0BWDQEMtnGINfigvvh =7avp -----END PGP SIGNATURE----- --/Ocr+Jy+jPJR1APa--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160629235713.GQ1453>