xml-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Berin Lautenbach <be...@ozemail.com.au>
Subject Re: PMC Work Items
Date Fri, 28 Feb 2003 22:54:18 GMT
Robert,


> therefore, it seems to me that a release signed by a key which resides 
> on an ASF machine can be trusted as much as a release downloaded 
> directly from an ASF machine.
>
> so, in security terms, moving from unsigned releases on an ASF machine 
> to signed releases on mirror with keys on ASF machines is security 
> neutral.
>
> moving to a secure apache wide system of signed keys would be a 
> definite improvement. (but there may be practical problems to be 
> overcome.)
>

Absolutely agree with all of the above.  Thus my question about "what is 
the aim".  If the aim is to remain in a neutral state, then OK.  It just 
seems to me that given we have to address one problem, then there is an 
opportunity to address the wider problem and look at how we can overcome 
the practical problems you mention.  They have all been overcome before, 
and anything that promotes "trust" in the Apache brand has to be a good 
thing?

I think I might go one step further in remaining security neutral.  We 
also need to more strongly "advertise" the need for people to now 
validate signatures against a key sourced from an ASF machine to 
encourage people to take that extra step.  Easily done however.  (Part 
of the download page etc.)

Cheers,
    Berin


---------------------------------------------------------------------
In case of troubles, e-mail:     webmaster@xml.apache.org
To unsubscribe, e-mail:          general-unsubscribe@xml.apache.org
For additional commands, e-mail: general-help@xml.apache.org


Mime
View raw message