www-infrastructure-dev mailing list archives

From Ulrich Stärk <...@spielviel.de>
Subject Re: Official code signing certificate
Date Fri, 12 Apr 2013 13:08:07 GMT
On 12.04.2013 13:32, Jürgen Schmidt wrote:
> On 3/26/13 8:58 PM, Daniel Shahaf wrote:
>> On Fri, Mar 22, 2013 at 06:57:13PM +0200, Daniel Shahaf wrote:
>>> How about only signing with the real certificate once three PMC members
>>> PGP-signed the binaries-built-against-the-self-signed-certificate.
>>
>> Note that after the binaries-signed-with-the-real-certificate are built, they
>> would have to be PGP-signed _again_ before they can be distributed.
>>
>> That's because infra has tools and policies around signing that assume PGP, and
>> we won't be changing them to suit N different ideas by M different PMCs.
>>
> adding pgp signature at the final step should be possible, we have to
> validate the builds anyway.
> 
> How can we move forward? I would like to suggest that we copy a Windows
> build bot VM and start working on a real scenario.
> 
> 1. preparing the AOO build env to sign all necessary files and bits and
> use a test certificate (provided by the AOO PMC)
> 
> 2. the test certificate is installed on the test VM
> 
> 3. we define and work on a process to communicate which revision should
> be used for the build and how the build is triggered. How the results
> are provided etc.
> 
> I believe we have to start working on it now and have to figure out what
> works best in a practical scenario.
> 
> What do others think about it?
> 

I haven't seen Sander's concerns addressed yet. Of course you can start now and build a test-bed but
Sander is right when he says that "the signing keys [should be surrounded] with the proper process
and equipment".

Uli
