PackageKit Misconceptions

Bastien Nocera bnocera at redhat.com
Thu Aug 23 08:53:00 UTC 2007


On Wed, 2007-08-22 at 13:55 -0400, Colin Walters wrote:
> On 8/22/07, Jesse Keating <jkeating at redhat.com> wrote:
>         
>         There aren't requirements, however given that our software is
>         mirrored around the world and our tools are made easy to make
>         your own Fedora, it's possible that somebody could start
>         handing out spoofed Fedoras. If the key you're asking to
>         import says it's Fedora, but the public key servers don't
>         match this key, that's a very quick indication that you should
>         stop using the system as it's been compromised in some way.
> 
> Jean is a physics researcher at CERN.  He installed Fedora on his
> workstation because he's developing some parallel computation software
> related to his hypothesis using MPI, and he likes Linux as a
> development environment.  He is helping to discover the fundamental
> properties of the universe. 
> 
> 
> Jean is smarter than anyone posting in this thread.  
> 
> People keep making the assumption that reducing questions is designing
> for "dumb" users.  In fact, we're designing for users who have *more
> important things to do*. 
> 
> We should make sure we're not stopping Jean in the middle of his work
> with a question like "Do you trust this hex number?".  It's not that
> he couldn't answer it, but we certainly don't make it easy to do so
> "correctly" (which I guess is browsing to pgp.mit.edu and manually
> entering the hex number and making some sort of wild guess based on
> other signatures).

If which key is available as part of the metadata for the packages, we
could flag the packages as being signed, but not verified in the UI.
Some simple integration with seahorse could then help import specific
keys from pgp.mit.edu, and for people to be able to verify the key
before importing.





