Hello Jan,

can you give me a short description of what we/you need and what the problems with the Apache infrastructure are?

I'm not so familiar with the Apache infrastructure to understand all things of the thread.

Then I will give this information to people who are familiar with organisation assurance by CAcert.

Thanks

Mechtilde

On 25.05.2013 15:38, janI wrote:
> On 25 May 2013 15:31, Mechtilde <[email protected]> wrote:
>
>> Hello,
>>
>> what about an organisation assurance by CAcert.
>>
>> At FOSDEM 2013 there are some discussions with people from CAcert.
>>
>> If you need more information and contacts I will act as an agent.
>>
> If you can get some information, I would like to read it, and pass it on to
> infra.
>
> rgds
> jan I.
>
>
>>
>> Let me know
>>
>> Kind regards
>>
>> Mechtilde
>>
>>
>> On 25.05.2013 15:22, janI wrote:
>>> On 25 May 2013 12:04, Andrea Pescetti <[email protected]> wrote:
>>>
>>>> Dave Fisher wrote:
>>>>
>>>>> The main concern that the ASF has with digitally signing with a
>>>>> singular apache.org certificate for the whole foundation is keeping
>>>>> it in strict control. For some this means physical machines. This is
>>>>> a high bar.
>>>>> I wonder if the ASF would allow AOO to experiment with an
>>>>> OpenOffice.org codesigning certificate?
>>>>>
>>>>
>>>> If there is willingness to experiment on this, for sure the OpenOffice
>>>> project would benefit from it. It is clear what the goal is: it would be
>>>> beneficial to our users if the Windows and Mac binaries were signed, to
>>>> avoid potentially confusing security warnings. And it would be very good to
>>>> have it by version 4.0. And the problem is much more with policy (or, in
>>>> general, with security/infra concerns) than technology.
>>>>
>>>
>>> Seen with infra eyes the major problem is to find a working procedure that
>>> is secure, meaning only few people have access to signing, the discussions
>>> there have been very little on politics
>>>
>>>>
>>>> We never thought we would get the wildcard certificate, but hey who
>>>>> knows?
>>>>>
>>>>
>>>> I thought it was hard, but not impossible. But honestly, it also raised
>>>> fewer concerns than a code-signing certificate.
>>>>
>>>> On May 24, 2013, at 2:43 PM, Rob Weir wrote:
>>>>>
>>>>>> And I should mention that pushing the code signing side is
>>>>>> probably premature until we have the build side more solidly
>>>>>> automated.
>>>>>>
>>>>>
>>>> This has been Infra's approach in the current discussion. For those not
>>>> following that list: see
>>>> http://mail-archives.apache.org/mod_mbox/www-infrastructure-dev/ (you
>>>> will see the "code signing" thread appearing in most of the recent
>>>> months' archives).
>>>>
>>>> On Fri, May 24, 2013 at 5:01 PM, janI wrote:
>>>>>>>
>>>>>>>> I am sorry I defended our viewpoint, and made this list aware
>>>>>>>> that there are other projects with similar needs. You just
>>>>>>>> managed to kill the messenger, next time this issue is
>>>>>>>> discussed on IRC, I will refer to this thread and keep silent.
>>>>>>>>
>>>>>>>
>>>> No, no need for this. Of course you should discuss options that would be
>>>> beneficial to the OpenOffice project, and it's well-known that you do get
>>>> things done, a lot of them. In this case, the ongoing frustration that you
>>>> see reflected in some messages is due to the fact that the long discussion
>>>> on infra-dev made it clear, so far, that there are infrastructure
>>>> requirements that must be satisfied as a prerequisite for code signing.
>>>>
>>>> So, while code-signing is the ultimate goal, with the current approach we
>>>> would have to get other infrastructure work done before it (namely, improve
>>>> buildbots). Unless we have, or find, a way to work around it to properly
>>>> sign the 4.0 release.
>>>>
>>>
>>> Thx for the kind words. Actually buildbots is only one way of doing this,
>>> and not the way you find in many big companies. In many companies (see
>>> Adobe as the example) the built binaries are delivered to a central
>>> signing server, where only very few people have access. The project
>>> guarantees for the quality of the binary being delivered, please remember
>>> using the buildbot is still no guarantee against malicious code, a committer
>>> could easily insert that over time. Connecting buildbot and signing would
>>> mean allowing many people having access to the certificate, which is a risk
>>> in itself.
>>>
>>> A central signing server has many advantages, but one big disadvantage it
>>> puts more load in infra, something they are very nervous about.
>>>
>>> rgds
>>> jan I.
>>>
>>> Regards,
>>>> Andrea.
