ubuntu-appstore-developers team mailing list archive

Thread
Date

Re: Signed Click packages

To: ubuntu-appstore-developers@xxxxxxxxxxxxxxxxxxx
From: Colin Watson <cjwatson@xxxxxxxxxx>
Date: Thu, 8 Aug 2013 12:58:41 +0100
In-reply-to: <520386E0.7090100@canonical.com>
User-agent: Mutt/1.5.21 (2010-09-15)

On Thu, Aug 08, 2013 at 07:54:08AM -0400, Marc Deslauriers wrote:
> On 13-08-08 07:01 AM, Colin Watson wrote:
> > I won't write new crypto logic if I can possibly help it, so this is a
> > big win even if the policy format isn't necessarily quite what I would
> > have chosen.  I'll probably add some new commands to click to do signing
> > and verification, but they'll just pass through to external commands.
> 
> dpkg-sig only seems to handle SHA1 and MD5 though, which is unacceptable. We
> need to change it to something better, like SHA512.

I didn't mention dpkg-sig, which seems to be an entirely different
system from debsigs / debsig-verify.

> > This does leave a couple of questions:
> > 
> >  * Does it matter if you need to be in developer mode to install new
> >    signature verification policies?  (If this is unacceptable, we either
> >    need to make sure these directories are transparently on the data
> >    partition, or have debsig-verify look in alternate locations that
> >    are.)
> 
> By 'developer mode', we're talking about opting out of the image-based updates,
> right? We should probably find a better name for that, it's pretty confusing :)

Right.

> I think app developers would probably want to remain in image-based updates
> mode, to be able to actually test their apps in the same environment as the
> shipping devices.

Mm.  OK.

> >  * Do we need a fancy UI for making decisions like "trust all packages
> >    from this signer", or is it acceptable for this to be something we
> >    document for enthusiasts for now?
> 
> I don't think it should have a fancy UI, as I don't think we want to have
> websites telling people to play with those settings. It should be a
> developer/debugging thing only, that will likely be only available once you've
> unlocked the device.

What exactly is the technical meaning of "unlocked" for Ubuntu Touch?

-- 
Colin Watson                                       [cjwatson@xxxxxxxxxx]

Follow ups

Re: Signed Click packages
From: Marc Deslauriers, 2013-08-08

References

Signed Click packages
From: Colin Watson, 2013-08-08
Re: Signed Click packages
From: Marc Deslauriers, 2013-08-08