Should Fedora rpms be signed?
balay at fastmail.fm
Fri Nov 5 07:28:21 UTC 2004
On Fri, 5 Nov 2004, seth vidal wrote:
> This is just based on keys in your rpmdb.
> The idea is this:
> if you have 3 repos available to yum.
> They are signed with 3 separate gpg keys. So you've imported all the
> keys into your rpmdb. The whole point of the feature I described before
> is so you can say:
> the only packages I want from this repository are signed with _this_
> key. If you get a package from this repository that is signed with any
> other key, even if I have that key in my rpmdb, don't trust it.
Ok - here you are saying EACH package is signed. And this package
signature is the one that's compared.
The inferences I get from the above are:
- all packages from all repos should be signed (ideally)
- if an unsigned package is part of the dep-resolve list - then yum
just aborts the transaction
- (Obviously - the main feature) if the 'key' doesn't match the one
specified for this repo in yum.conf - the transaction is aborted.
I do like this new feature. A couple of questions remain.
- Where does signing 'metadata' fit in here?
- And this scheme would require rawhide packages also to be signed
with some key. (or am I misreading this?)
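
The per-repository key policy discussed in this message, modeled as an added example (not yum code and not part of the original post). All names, key IDs and repo IDs are hypothetical, and accepting any imported key for a repo with no pinned key is an assumption.

```python
# Added illustration of per-repo key pinning; not yum's implementation.
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Package:
    name: str
    repo: str
    signer: Optional[str]  # ID of the key that signed the package; None if unsigned


def rpmdb_only_check(packages, rpmdb_keys):
    """Baseline: a package passes if ANY imported key signed it."""
    return all(p.signer in rpmdb_keys for p in packages)


def check_transaction(packages, rpmdb_keys, repo_pins):
    """Return (ok, reasons); a single failing package aborts the transaction."""
    reasons = []
    for pkg in packages:
        pinned = repo_pins.get(pkg.repo)  # None: repo has no pinned key (assumption)
        if pkg.signer is None:
            reasons.append(f"{pkg.name}: unsigned")
        elif pkg.signer not in rpmdb_keys:
            reasons.append(f"{pkg.name}: key {pkg.signer} not imported")
        elif pinned is not None and pkg.signer != pinned:
            reasons.append(
                f"{pkg.name}: signed by {pkg.signer}, "
                f"but repo {pkg.repo} is pinned to {pinned}"
            )
    return (not reasons, reasons)


# Constructed sample data: three repos, three imported keys, one key per repo.
RPMDB_KEYS = {"KEY-A", "KEY-B", "KEY-C"}
REPO_PINS = {"repo-a": "KEY-A", "repo-b": "KEY-B", "repo-c": "KEY-C"}

GOOD = [Package("foo", "repo-a", "KEY-A"), Package("bar", "repo-b", "KEY-B")]
# Validly signed with an imported key, but served from the wrong repo.
CROSS = [Package("foo", "repo-a", "KEY-A"), Package("baz", "repo-a", "KEY-C")]
# One unsigned package in the dependency-resolved list.
UNSIGNED = [Package("foo", "repo-a", "KEY-A"), Package("qux", "repo-c", None)]

if __name__ == "__main__":
    for label, txn in (("good", GOOD), ("cross", CROSS), ("unsigned", UNSIGNED)):
        print(label, rpmdb_only_check(txn, RPMDB_KEYS),
              check_transaction(txn, RPMDB_KEYS, REPO_PINS))
```

The CROSS transaction passes the rpmdb-only baseline but is rejected once keys are tied to repositories.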