From owner-freebsd-ports  Sun Dec 31  9:42:48 2000
From owner-freebsd-ports@FreeBSD.ORG  Sun Dec 31 09:42:47 2000
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Delivered-To: freebsd-ports@freebsd.org
Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220])
	by hub.freebsd.org (Postfix) with ESMTP id D4B2737B404
	for <ports@freebsd.org>; Sun, 31 Dec 2000 09:42:46 -0800 (PST)
Received: from [127.0.0.1] (helo=softweyr.com ident=Fools trust ident!)
	by homer.softweyr.com with esmtp (Exim 3.16 #1)
	id 14Cmav-00008V-00; Sun, 31 Dec 2000 10:48:33 -0700
Sender: wes@FreeBSD.ORG
Message-ID: <3A4F7171.4D5786AB@softweyr.com>
Date: Sun, 31 Dec 2000 10:48:33 -0700
From: Wes Peters <wes@softweyr.com>
Organization: Softweyr LLC
X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Warner Losh <imp@village.org>
Cc: ports@FreeBSD.ORG
Subject: Re: Package signing tools
References: <3A4EDE33.84C7072@softweyr.com>  <3A4ED1C0.14061CE5@softweyr.com> <20001231003920.A24519@peorth.iteration.net> <20001231014344.T305@argon.firepipe.net> <200012310741.eBV7f4s09193@billy-club.village.org>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-ports@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Warner Losh wrote:
> 
> In message <3A4EDE33.84C7072@softweyr.com> Wes Peters writes:
> : This has been in the queue for 8 months.  The original OpenBSD code has
> : existed for several years.  You can have it if you want it, but I'm not
> : going to have it bikeshedded to death, or into pkg_info or pkg_version or
> : pkg_anythingelse.  The functions are not related: this program signs a
> : a package and checks the signature on a package is valid; pkg_info and
> : pkg_version do other things.
> :
> : Try to stay on track here, people.  This is not an attempt to write a new
> : package delivery mechanism, it's just a simple tool to verify you got what
> : you asked for.
> 
> I agree 100%.  I've taken a look at the code that wes has done and it
> looks good (modulo the crypto stuff).
> 
> However, you could easily add an option to pkg_add that will call
> this program...

Mmmm, yes, pkg_add --verify or something like that?  I'd have it actually
run the pkg_check executable so we don't mix the crypto code into the pkg_add
executable, for those who build FreeBSD without the crypto support.

-- 
            "Where am I, and what am I doing in this handbasket?"

Wes Peters                                                         Softweyr LLC
wes@softweyr.com                                           http://softweyr.com/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message