launchpad-dev team mailing list archive

Re: Build From Branch, or BFB

 

Hi Muharem,

Thanks for the information.

On Wed Oct 07 07:12:03 +0100 2009 Muharem Hrnjadovic wrote:
> Currently, we basically use anonymous ftp and rely on the key the source
> package is signed with and the .changes file to determine who the
> uploader/maintainer is.

This is the same for binary and source uploads? I'm familiar with how
source uploads work from doing them myself, but not the binary uploads
from the buildds, which seems to have more in common with build-from-branch.

> This is problematic in quite a few regards and we planned to switch over
> to an authenticated (ssh based?) upload mechanism since July of last
> year.

That's interesting, because...

> This would make it possible to upload unsigned packages

That changes the security assurances that we have for packages: you
are now relying on SSH keys rather than GPG keys. Are they believed
to give us the same assurances?

> or for the uploader to be different from the person who signed the package.

I don't see how that is different from what we can do now? I can already sign
a .changes with someone else in "Changed-By" (sponsoring), and can even
give them the .changes back to upload directly if I like.

Is this change driven by concerns over the current process for binary uploads
from the buildds?

Thanks,

James


