On Wed, Dec 03, 2003 at 06:43:18AM +0100, Goswin von Brederlow wrote: > Matt Zimmerman <[EMAIL PROTECTED]> writes: > > > On Wed, Dec 03, 2003 at 03:07:17AM +0100, Goswin von Brederlow wrote: > > > > > But this kind of tampering _can_ be checked by apt before installing > > > the deb simply by adding a signature verifyer into the > > > DPkg::Pre-Install-Pkgs config option, the same mechanism > > > apt-listchanges already uses to display only the new section of the > > > changelog. > > > > Indeed, apt can do a lot better, and is very close to doing so. See #203741. > > The assumption was that the archive was compromised but the Release.gpg > file changed and resigned.
Who was assuming this? At any rate, protecting the secret key is of course the weakest link in any public key cryptosystem, and I don't see what that has to do with apt. > #203741 is about checking the > Release.gpg chain of trust or is there more hidden in all the mails. Yes, that is what it is about. > Did the BTS reoder the mails, there don't seem to follow a locigal > discussion. Haven't bothered to check the timestamps though. Messages from discussions in other fora (including private mail) were later copied to the BTS. -- - mdz
