Proposed F19 Feature: Package Signature Checking During Installation
Benny Amorsen
benny+usenet at amorsen.dk
Thu Jan 10 22:11:30 UTC 2013
Adam Jackson <ajax at redhat.com> writes:
> For the same reason Firefox doesn't automatically accept self-signed SSL
> certs, and the same reason that ssh doesn't automatically accept new
> host keys: it'd be creating trust from thin air.
I trust my hardware, I trust my firmware, I trust my install medium.
That is not trust from thin air; the hardware is unlikely to be
compromised and I verify the install medium. I cannot completely rule
out firmware compromise, but if I have been hit by that I am owned
already and likely will stay owned for years.
I don't trust random mirrors on the Internet. Yet Anaconda somehow does.
Despite the fact that it could easily grab the key off the trusted
install medium and check the signatures.
/Benny
More information about the devel
mailing list