On Mon, 1 Nov 2004, Peter Jones wrote:
On Mon, 2004-11-01 at 17:34 -0600, Satish Balay wrote:
> Ok - you & Seth seem to have a solution to the problem.
>
> Still no good explanation why ALL keys should be treated the same.
Because there's nothing about a key that tells you how to treat it.
Thats because the 'user' decides how to use the key - and had a choice
to differenciate.
> To me 'rehdat-key' is different from 'linva-key'
etc. And I think
> rawhide can do the same.
>
> The analogy I keep thinking is 'my signature' is differnet than
> 'RedHat's CEO's signature' treating both to mean the same is nuts..
But the signature isn't different in kind. You just "know" which
documents one is good on and which one isn't. But we don't have that
kind of knowledge for all keys. We don't know which repositories each
key is good for what on, and making the infrastructure to tell that
about keys is a lot of work. Making the infrastructure for a key to
sign something which tells us is significantly easier, I think.
Ok - here you want the key to carry additional pay-load - and the
infracture tools automatically use/manage this info.
But I'm thinking the user manages keys - and assigns meaning to it.
For eg: I'd like to be able to say:
- if updates signed with 'fedora.us-key' give me a big fat warning.
- if update signed with 'fedora.us-key' && foo-bar-key - go ahead and
install. (where foo-bar user contributed that package to fedora.us)
I guess both modes should be possible.
Satish