Comment 12 for bug 125103

Martin Pool (mbp) wrote : Re: [Bug 125103] Re: ppa archives are not signed

Perhaps we should also consider serving PPAs over HTTPS (like the rest
of Launchpad) to increase the difficulty of impersonating the server.
(This is a complement to, not a substitute for, signing.)

> What would be really nice is if you could have this situation:
>
> * I always sign all of my source packages with my private key. (call this private_alsuren).
> * The PPA servers keep a different private key for me (call this ppa_alsuren). I cannot access this key myself: it is only accessible by the build service.
> * When a source package is uploaded, and signed with private_alsuren, the corresponding binary package is automatically signed with ppa_alsuren.
> * My PPA automatically contains a package called ppa-alsuren-keyring. (with a similar purpose to ubuntu-keyring, or debian-archive-keyring: it imports the public portion of ppa_alsuren into apt.)

Note that the PPA (like all apt archives) is signed at the archive
level, not the individual package level. So as far as I know we can't
use different keys depending on the keys used to sign the source
upload - I'm not sure if you were requesting that or not.

Note also that PPA already verifies the source package is appropriately signed.

Putting the public key in a package in the PPA would not be very
useful in bootstrapping, as users would be getting the pubkey from an
untrusted source.

It would be more useful for the PPA web page to include a link to the
PPA signing key - either a GPG command to get it, or just the URL from
which it can be fetched.

--
Martin