On Fri, 2004-11-05 at 01:28 -0600, Satish Balay wrote:
On Fri, 5 Nov 2004, seth vidal wrote:
> This is just based on keys in your rpmdb.
>
> The idea is this:
>
> if you have 3 repos available to yum.
>
> They are signed with 3 separate gpg keys. So you've imported all the
> keys into your rpmdb. The whole point of the feature I described before
> is so you can say:
>
> the only packages I want from this repository are signed with _this_
> key. If you get a package from this repository that is signed with any
> other key, even if I have that key in my rpmdb, don't trust it.
Ok - here you are saying EACH package is signed. And this pacakge
signature is the one thats compared.
The inferences I get from the above are:
- all packages from all repos should be signed (ideally)
- if an unsigned package is part of the dep-resolve list - then yum
just aborts the transaction
- (Obviously - the main feature) if the 'key' doesn't match the one
seecified for this repo in yum.conf - the transaction is aborted.
I do like this new feature. A couple of questions remain.
- Where does sigining 'metadata' fit in here?
- And this scheme would require rawhide pacakges also to be signed
with some key. (or am I misreading this?)
let's be clear. I'm not proposing anything. I'm just describing an RFE
I've gotten before and that I've written some of the code for. It in no
way reflects what I think policy should be or is.
it has nothing to do with metadata signing.
I was just muddying the discussion somewhat.
-sv