Subject: Re: adding gpg to src/gnu/dist
To: NetBSD Security Technical Discussion List <tech-security@NetBSD.ORG>
From: Greg A. Woods <woods@weird.com>
List: tech-userlevel
Date: 05/19/2004 20:32:31
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[ On Tuesday, May 18, 2004 at 14:04:07 (-0400), Thor Lancelot Simon wrote: ]
> Subject: Re: adding gpg to src/gnu/dist
>
> What it might be entirely reasonable to use PGP/GPG for would be detached
> signatures of the initial OS install media. This is where you'd get the
> NetBSD CA certificate; it is your introduction to the hierarchy of trust
> that controls the rest of your use of the system (signed or not, you're
> trusting us as soon as you install our software; you can't really avoid
> that). So it might be nice to let others provide PGP signatures to assure
> you that, in fact, the CA certificate and executables you're about to
> bootstrap yourself with are, indeed, from the people you think they're
> from. I would support that alongside use of X.509 signatures for update
> and package installation within the OS.
Yes, OK, this does make a tremendous amount of sense to me now and I
like it very much.
Along with Bill's post with ID <20040518021457.GD4250@netbsd.org> you've
addressed very well the concerns I had about how real users, myself
included, would come to trust the NetBSD CA root certificate, while at
the same time explaining why X.509 certificates do make the most sense
to use for doing the actual signing of the distributed files.
- --
Greg A. Woods
+1 416 218-0098 VE3TCP RoboHack <woods@robohack.ca>
Planix, Inc. <woods@planix.com> Secrets of the Weird <woods@weird.com>
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Comment: Processed by Mailcrypt 3.5.8, an Emacs/PGP interface
Charset: noconv
iQA/AwUBQKv8dmJ7XxTCWceFEQIL2ACgzMyApnDd+fYSbbZZrtn1Jvl8gYkAoODA
H9Ivg7BA5Fe7vDq9ygO5OtM7
=RCvf
-----END PGP SIGNATURE-----