On Wed, 2007-08-22 at 13:55 -0400, Colin Walters wrote:
On 8/22/07, Jesse Keating <jkeating(a)redhat.com> wrote:
There aren't requirements, however given that our software is mirrored
around the world and our tools are made easy to make your own Fedora,
it's possible that somebody could start handing out spoofed Fedoras.
If the key you're asking to import says it's Fedora, but the public key
servers don't match this key, that's a very quick indication that you
should stop using the system as it's been compromised in some way.
Jean is a physics researcher at CERN. He installed Fedora on his
workstation because he's developing some parallel computation software
related to his hypothesis using MPI, and he likes Linux as a
development environment. He is helping to discover the fundamental
properties of the universe.
Jean is smarter than anyone posting in this thread.
People keep making the assumption that reducing questions is designing
for "dumb" users. In fact, we're designing for users who have *more
important things to do*.
We should make sure we're not stopping Jean in the middle of his work
with a question like "Do you trust this hex number?". It's not that
he couldn't answer it, but we certainly don't make it easy to do so
"correctly" (which I guess is browsing to pgp.mit.edu and manually
entering the hex number and making some sort of wild guess based on
other signatures).
If which key is available as part of the metadata for the packages, we
could flag the packages as being signed, but not verified in the UI.
Some simple integration with seahorse could then help import specific
keys from pgp.mit.edu, and for people to be able to verify the key
before importing.