Chris, If my goal was to hoodwink you, I'd create a bogus key that claimed to be owned by an Apache person, put it in a KEYS file, and include in the release, and sign the release with it. If I was lucky, you'd just verify the release with the embedded key, and I'd have succeeded. We want people to use keys from some source OTHER than the mirrors to verify. There is a non-zero risk of compromise of the many mirrors.
On Mon, Jun 27, 2011 at 4:15 PM, Mattmann, Chris A (388J) <chris.a.mattm...@jpl.nasa.gov> wrote: > On Jun 27, 2011, at 12:58 PM, Noel J. Bergman wrote: > >>> we copy a KEYS file into that directory upon succesful VOTE of the release >>> artifacts (which also include the KEYS file). >> >> Perhaps, but the point we're getting at was explicitly stated by Benson, >> "The goal here is to allow and encourage consumers to independently verify >> signatures. That calls for KEYS somewhere else than inside the package." > > Right, and the point I was getting at was that in Gora, we encourage both. > > As a consumer of software, it's nice to have the keys right there with the > release package too, so > I don't have to go anywhere else rather than where I'm at (my machine) to > verify the KEYS file > that came along with the release tarball. > > Cheers, > Chris > > ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > Chris Mattmann, Ph.D. > Senior Computer Scientist > NASA Jet Propulsion Laboratory Pasadena, CA 91109 USA > Office: 171-266B, Mailstop: 171-246 > Email: chris.a.mattm...@nasa.gov > WWW: http://sunset.usc.edu/~mattmann/ > ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > Adjunct Assistant Professor, Computer Science Department > University of Southern California, Los Angeles, CA 90089 USA > ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org > For additional commands, e-mail: general-h...@incubator.apache.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
