[Mageia-dev] PGP keys and package signing
Olivier Thauvin
nanardon at nanardon.zarb.org
Mon Jan 31 12:43:17 CET 2011
* Christophe Fergeau (cfergeau at gmail.com) wrote:
> Hey,
>
> 2011/1/31 nicolas vigier <boklm at mars-attacks.org>:
> > - In case we think the packages@ key may have been compromised, or is
> > too old, or we want to change it for any other reason, we revoke the
> > key, and/or revoke the signature from board@ so that it is no
> > longer accepted by urpmi. We create a new key, we sign it with
> > the board@ key and we can start to use this new key.
>
> Will all existing packages be reviewed and resigned when they key is
> thought to have been compromised? What happens on user systems when
> this is done? Will they have to reinstall all packages signed with the
> new key?
Re-signing packages will not change their name-evr-arch, so on urpmi/rpm
side packages does not have to be updated. But from a user point of view
they installed packages (then checked it) before the compromission, ie
when packages were trustable.
So in case of compromission packages must be resigned but I don't think
users have to reinstall it as their content won't changes.
In the case a packages is compromised (a package with malware is
introduced on the mirror) then we'll have to provide an update with a
clean package and in this specific case users will have to update it.
>
> Christophe
--
Olivier Thauvin
CNRS - LATMOS
♖ ♘ ♗ ♕ ♔ ♗ ♘ ♖
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: </pipermail/mageia-dev/attachments/20110131/4b41d3ff/attachment.asc>
More information about the Mageia-dev
mailing list