
launchpad-users team mailing list archive

Re: Why are there multiple keys for different PPAs from the same user/team?


Just to clear some potential confusion:

On Tue, Apr 07, 2009 at 03:00:39PM -0300, Celso Providelo wrote:
> > In my eyes this is weird behaviour. If I'm correctly signing packages
> > has the purpose of making sure the package was really added by the
> > maintainer of the repository and allowing you to track down the
> > credibility of that person or team via his/her/their key.
> > We don't use keys to prove that package X from repository Y comes from
> > repository Y. This, however, is what Launchpad is doing at the moment.

I'm not sure why you say you don't use keys to prove that package X
comes from repository Y -- that is exactly what we use signed archives
for: to avoid the risk of a MITM impersonation of an archive.

The specific problem that Sense has pointed out here:

> > This problem has worsened since multiple PPAs per user/team were
> > introduced. Now you have one key for every PPA.

is what Celso is suggesting addressing here:

> I have discussed your ideas with Colin Watson and we agreed that new
> signing-keys for every single PPA is an unnecessary paranoid, which ends
> up causing extra trouble for users without providing any clear benefit.

This basically means that for the cases where a team or user has
multiple PPAs, we'd use the same key.

Christian Robottom Reis | [+55 16] 3376 0125 | http://launchpad.net/~kiko
                        | [+55 16] 9112 6430 | http://async.com.br/~kiko
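The point kiko makes above, that an archive signature should prove a package really came from that archive and not merely from some key the client happens to trust, only holds on the client side if each source is bound to its own key. Modern apt (later than this 2009 thread) does this with the `signed-by=` option; a source without it is verified against every key in /etc/apt/trusted.gpg.d, so a key trusted for one PPA could vouch for a forged copy of another. The following audit script is an added example, not code from the thread or from Launchpad; the sources.list text, the user and team names and the keyring paths in it are constructed for illustration.

```python
"""Audit an apt sources.list for per-archive key binding.

Added example (not from the launchpad-users thread).  Reports sources that
carry no signed-by= (and so trust every key in /etc/apt/trusted.gpg.d) and
keyrings that several distinct archive URIs are pinned to, which is the
"one key for all of a team's PPAs" arrangement discussed in the thread.
"""
import re
from collections import defaultdict

# Constructed sample input: one pinned distro archive, one unpinned PPA, and
# two PPAs of the same (hypothetical) team sharing a single keyring file.
SAMPLE_SOURCES = """\
# Ubuntu archive, pinned to the distro keyring
deb [signed-by=/usr/share/keyrings/ubuntu-archive-keyring.gpg] http://archive.ubuntu.com/ubuntu focal main

# PPA with no signed-by: any key in trusted.gpg.d is accepted for it
deb http://ppa.launchpad.net/someuser/ppa1/ubuntu focal main

# Two PPAs of one team sharing a single key (one keyring file)
deb [arch=amd64 signed-by=/usr/share/keyrings/someteam.gpg] http://ppa.launchpad.net/someteam/ppa-a/ubuntu focal main
deb [signed-by=/usr/share/keyrings/someteam.gpg] http://ppa.launchpad.net/someteam/ppa-b/ubuntu focal main
"""

# One-line sources.list format: type [options] uri suite [components...]
LINE_RE = re.compile(
    r"^(?P<type>deb|deb-src)\s+(?:\[(?P<opts>[^\]]*)\]\s+)?"
    r"(?P<uri>\S+)\s+(?P<suite>\S+)(?:\s+(?P<comps>.*))?$"
)


def parse_sources(text):
    """Parse one-line-format entries into dicts with uri, suite, signed_by.

    Options inside [...] are space-separated key=value pairs.  Comments and
    blank lines are skipped; anything else that does not parse is an error.
    """
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if not m:
            raise ValueError(f"unparseable sources line: {raw!r}")
        opts = {}
        for kv in (m.group("opts") or "").split():
            key, _, value = kv.partition("=")
            opts[key] = value
        entries.append({
            "uri": m.group("uri"),
            "suite": m.group("suite"),
            "signed_by": opts.get("signed-by"),
        })
    return entries


def audit(text):
    """Return (unpinned_uris, shared_keyrings).

    unpinned_uris: URIs of sources with no signed-by, i.e. sources for which
    any globally trusted key is accepted.  shared_keyrings: keyring path ->
    list of distinct URIs pinned to it; harmless when they are one owner's
    PPAs, worth a look when they are not.
    """
    entries = parse_sources(text)
    unpinned = [e["uri"] for e in entries if e["signed_by"] is None]
    by_keyring = defaultdict(list)
    for e in entries:
        if e["signed_by"] and e["uri"] not in by_keyring[e["signed_by"]]:
            by_keyring[e["signed_by"]].append(e["uri"])
    shared = {k: v for k, v in by_keyring.items() if len(v) > 1}
    return unpinned, shared


if __name__ == "__main__":
    unpinned, shared = audit(SAMPLE_SOURCES)
    for uri in unpinned:
        print(f"UNPINNED  {uri}")
    for keyring, uris in shared.items():
        print(f"SHARED    {keyring}: {', '.join(uris)}")
```

Run against a real /etc/apt/sources.list the same way; the deb822 `.sources` format (a `Signed-By:` field per stanza) is not handled by this parser.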
