Re: BK2CVS problem
From: Matthias Andree
Date: Thu Nov 06 2003 - 05:41:54 EST
On Wed, 05 Nov 2003, Larry McVoy wrote:
> > Granted that this was not a break in BK itself the event is still alarming.
> > It makes me wonder if there is some way we can start using GPG signatures
> > with BK itself so that you can get proof-positive that a CSET annotated
> > as from davem really is from the David Miller we know and trust.
>
> I couldn't agree more, we've thought about this and have a design,
> but credit where credit is due, Ted T'so is the driving force behind
> this idea. He and I have had long discussions about this and we have a
> plan to do exactly that in BK. I've already told Linus that we can add
> that to BK, and will, in the free version, so that you can at least be
> assured that all the stuff in BK is either flagged trusted or untrusted.
>
> We think that is an excellent idea, we want to do it, but we were waiting
> for some event to trigger it. We've been berated publicaly for each
> and every change we've made to the free version of BK so now we wait
> for people to ask for changes and then we'll make them. Just say the
> word and we'll code this up as soon as we can.
The words "web of trust" (signing GPG keys) come to mind. Most software
that is GnuPG signed is signed with very short keys with no signature,
and GPG options such as --always-trust would be harmful here.
The advantage which is a difficulty at the same time is that the trust
level of each BK tree will then be different, depending on the local key
ring, trust settings and all that. This should be documented, to avoid
confusion.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/