[Open Crypto Project] #50: Release engineering

Open Crypto Project trac at cryptech.is
Fri May 6 22:18:16 UTC 2016


#50: Release engineering
-----------------------+---------------------------------------
  Reporter:  pselkirk  |      Owner:  sra
      Type:  task      |     Status:  accepted
  Priority:  critical  |  Milestone:  Alpha board DNSSEC signer
 Component:  sw        |    Version:
Resolution:            |   Keywords:
Blocked By:  42        |   Blocking:
-----------------------+---------------------------------------

Comment (by sra):

 Minor point, but re discussion of signed Debian packages: it's a mess, and
 doc is not great.

 Best explanation I've seen is
 http://blog.packagecloud.io/eng/2014/10/28/howto-gpg-sign-verify-deb-packages-apt-repositories/.

 TL;DR:

 * While tools exist to sign (object security) the packages themselves,
 binary packages (`.deb` files) are usually unsigned, because nobody
 checks, because checking is disabled, because the major distributions (e.g.,
 Debian, Ubuntu, ...) don't sign their binaries, therefore if signature
 checking were enabled nothing would work.  One enables this globally at
 one's peril.  One can check individual packages manually if one cares.

 * What everybody (e.g., all the distributions) really does is sign the APT
 repository meta-data (a form of channel security).  We already do that.

 In our case, it probably does make sense to sign the packages too, for
 tinfoil value, but don't assume anybody's really checking the result, and
 it's not a critical priority.

--
Ticket URL: <https://trac.cryptech.is/ticket/50#comment:5>
Open Crypto Project <https://wiki.cryptech.is/>


