www-infrastructure-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tony Stevenson <t...@pc-tony.com>
Subject Re: Signing jars
Date Fri, 02 Sep 2011 20:14:11 GMT
Folks, can we please take this over to infra-dev ? 
On 2 Sep 2011, at 21:12, Benson Margulies wrote:

> Your last message looks like you are leaning towards using the
> Verisign rather than just having a certificate and applying.
> On Fri, Sep 2, 2011 at 3:55 PM, Daniel Shahaf <d.s@daniel.shahaf.name> wrote:
>> William A. Rowe Jr. wrote on Fri, Sep 02, 2011 at 14:46:50 -0500:
>>> On 9/2/2011 12:20 PM, Daniel Shahaf wrote:
>>>> If the proposal is to have just one ASF-wide cert, who would have access
>>>> to sign with it?
>>>> ("root@ only" doesn't scale, "all committers" is too much, some middle ground?)
>>> Please, scroll back, this was discussed.  Nobody but root (a subset
>>> actually) would have access to the actual signing key, in the pursuit
>>> of managing the signing service.
>> Read what I said.  I didn't ask who would have access to the key,
>> I asked who would be able to sign.
>>> At least all PMC members could pass through a signing request, as any
>>> could be a component RM.  Every article of signed code is recorded
>>> in svn, notices sent, etc.  It would be difficult/near impossible to
>>> abuse this without drawing attention.
>> My question wasn't about "drawing attention" but about handling the
>> rogue signature that would then be circulating.  Your next paragraph
>> mentions revoking select signatures, which addresses this.  Thanks.
>>> The signing service itself offered by VeriSign (for some significant
>>> amount of $$$'s) would permit an ACL of specific authorized users and
>>> would associate signed artifacts to the signer with the ability to
>>> recall the signature.  It seems each signed object ultimately wins its
>>> own unique signing key/cert, although it appears as signed by the org.


Tony Stevenson

tony@pc-tony.com // pctony@apache.org


GPG - 1024D/51047D66

View raw message