On Mon, Jun 16, 2014 at 05:47:03PM -0400, Nick Holland wrote:
> [diff to easily allow different keys]
>
> I think focus has been lost.
>
> What's the point of signing releases? To say "This came from the
> OpenBSD project".
>
> Why? To make sure your release is a pure, untampered with version.
>
> Signed releases is not a goal, the goal is an install that is
> trusted by the installer (you). Signed releases are a way to help
> reach that goal. Don't forget that.
>
> IF your release is from the OpenBSD project, the signing should work
> fine. If your release is from some other source...I WANT an alert
> saying "This is not signed by OpenBSD"! I don't want to squish the
> alert. It isn't there to hit a checkbox "Code signed by someone".
>
> If your use is such that you DO want to certify that YOU created the
> files in question, that's great, ok, you have got a great
> "mini-fork" -- you can easily build your own release with your own
> keys and manage them appropriately, but a knob to get around the
> very point of release file signing is not really what I want to see.
>
> Nick.

The problem is political. Does OpenBSD make life easier for people who
want to customize release build/installation by default, or should these
people maintain their diffs separately?

Technically, how does verification of siteXX.tgz work? IIUC it does not.
I don't see what the problem is with providing one variable. Why are
there MD* variables and override functions that one could use but that
are not used by default (override/add into install.md)?

j.