[Yum] yum's awesome, ideas
Aleksander Demko
Aleksander.Demko at nrc-cnrc.gc.ca
Wed Jul 30 20:48:08 UTC 2003
On Wed, 2003-07-30 at 15:22, seth vidal wrote:
> well if its going to import the key for you what's the point of having
> it on? an attacker can just trojan the key, right?
>
> I could definitely see a point in having a default key listed that yum
> will import if it can - but how do you do that safely?
Well, if you want to be completely secure, then yeah, you have to follow
the usual public key crypto guidelines. Either get the key directly from
the source, over a 100% secure connection or get the key signed by a
party already in your trust ring. I think both aren't very feasible for
the average user/organization. The process needs to be boot strapped
some how -- perhaps a key server, but then that could be spoofed too.
But I guess RH decided to compromise, in the name of user friendliness,
as this is exactly what up2date does. Of course up2date only talks to
their servers so unless spoofed, a mis-matched key would be soon
discovered.
--
// Aleksander.Demko at nrc-cnrc.gc.ca ademko at nrc.ca scopira.org //
More information about the Yum
mailing list