On 25 May 2013 15:31, Mechtilde <[email protected]> wrote: > Hello, > > what about an organisation assurance by Cacert. > > At FOSDEM 2013 there are some discussions with people from cacert. > > If you need more informations and contacts I will act as an agent. > If you can get some information, I would like to read it, and pass it on to infra.
rgds jan I. > > Let me know > > Kind regards > > Mechtilde > > > Am 25.05.2013 15:22, schrieb janI: > > On 25 May 2013 12:04, Andrea Pescetti <[email protected]> wrote: > > > >> Dave Fisher wrote: > >> > >>> The main concern that the ASF has with digitally signing with a > >>> singular apache.org certificate for the whole foundation is keeping > >>> it in strict control. For some this means physical machines. This is > >>> a high bar. > >>> I wonder if the ASF would allow AOO to experiment with an > >>> OpenOffice.org codesigning certificate? > >>> > >> > >> If there is willingness to experiment on this, for sure the OpenOffice > >> project would benefit from it. It is clear what the goal is: it would be > >> beneficial to our users if the Windows and Mac binaries were signed, to > >> avoid potentially confusing security warnings. And it would be very > good to > >> have it by version 4.0. And the problem is much more with policy (or, in > >> general, with security/infra concerns) than technology. > >> > > > > Seen with infra eyes the major problem is to find a working procedure > that > > are secure, meaning only few people have access to signing, the > discussions > > there have been very little on politics > > > >> > >> We never thought we would get the wildcard certificate, but hey who > >>> knows? > >>> > >> > >> I thought it was hard, but not impossible. But honestly, it also raised > >> fewer concerns than a code-signing certificate. > >> > >> On May 24, 2013, at 2:43 PM, Rob Weir wrote: > >>> > >>>> And I should mention that pushing the code signing side is > >>>> probably premature until we have the build side more solidly > >>>> automated. > >>>> > >>> > >> This has been Infra's approach in the current discussion. For those not > >> following that list: see http://mail-archives.apache. > **org/mod_mbox/www-** > >> infrastructure-dev/< > http://mail-archives.apache.org/mod_mbox/www-infrastructure-dev/>(you > will see the "code signing" thread appearing in most of the recent > >> months' archives). > >> > >> On Fri, May 24, 2013 at 5:01 PM, janI wrote: > >>>>> > >>>>>> I am sorry I defended our viewpoint, and made this list aware > >>>>>> that there are other projects with similar needs. You just > >>>>>> managed to kill the messenger, next time this issue is > >>>>>> discussed on IRC, I will refer to this thread and keep silent. > >>>>>> > >>>>> > >> No, no need for this. Of course you should discuss options that would be > >> beneficial to the OpenOffice project, and it's well-known that you do > get > >> things done, a lot of them. In this case, the ongoing frustration that > you > >> see reflected in some messages is due to the fact that the long > discussion > >> on infra-dev made it clear, so far, that there are infrastructure > >> requirements that must be satisfied as a prerequisite for code signing. > >> > >> So, while code-signing is the ultimate goal, with the current approach > we > >> would have to get other infrastructure work done before it (namely, > improve > >> buildbots). Unless we have, or find, a way to work around it to properly > >> sign the 4.0 release. > >> > > > > Thx for the kind words. Actually buildbots is only one way of doing this, > > and not the way you find in many big companies. In many companies (see > > adobe as the example) the built binaries are delivered to a central > > signing server, where only very few people have access. The project > > guarantees for the quality of the binary being delivered, please remember > > using the buildbot it still no guarantee against malicous code, a > committer > > could easily insert that over time. Connecting buildbot and signing would > > mean allowing many people having access to the certificate, which is a > risk > > in itself. > > > > A central signing server has many advantages, but one big disadvantage it > > puts more load in infra, something they are very nervours about. > > > > rgds > > jan I. > > > > Regards, > >> Andrea. > >> > >> > ------------------------------**------------------------------**--------- > >> To unsubscribe, e-mail: dev-unsubscribe@openoffice.**apache.org< > [email protected]> > >> For additional commands, e-mail: [email protected] > >> > >> > > > > >
