List: lustre-discuss
Subject: [lustre-discuss] Signing important git commits and files (RPMs, DEBs) distributed on the whamcloud r
From: "Audet, Martin via lustre-discuss" <lustre-discuss@lists.lustre.org>
Date: 2024-01-26 15:31:14
Message-ID: 5792986c4e4b4f398b6f73c0b49b805a@cnrc-nrc.gc.ca
Hello,
It would be great if the important commits, especially those corresponding to tags, were signed using long-term keys (e.g. GPG, SSH or X.509; you have the choice since git supports many formats), with the corresponding public keys published on the Lustre web site and their fingerprints on this mailing list, for example. This would allow every user to have better confidence in the integrity of the associated code and comply more with the end-to-end principle, as the private keys would be kept preciously by the developers.

It is the same thing with the RPM and DEB packages distributed over the whamcloud repository (https://downloads.whamcloud.com/public/lustre/), except that the choice of the key system is limited to GPG in this case. As you know, it is common practice to associate a public key with every remote repository to verify the authenticity of every downloaded package before installation (but it is not yet done on this repository).

Performing downloads or "git" access over "https" is better than nothing, but the guarantee of integrity is way better if done by signatures closer to the original authors.

Signing keys could even be held on hardware devices such as Yubikeys, as this would be both very secure and convenient for developers.

Please consider this suggestion; I am sure it would satisfy many users.
Thanks,
Martin Audet
_______________________________________________
lustre-discuss mailing list
lustre-discuss@lists.lustre.org
http://lists.lustre.org/listinfo.cgi/lustre-discuss-lustre.org
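The workflow the message asks for, shown end to end as an added example that is not part of the original post and not the Lustre project's own tooling: a developer signs a release tag with a long-term SSH key (git's `gpg.format ssh`), the project publishes the public key as an allowed-signers file together with its fingerprint, and a user verifies the tag against that list. The key names, e-mail addresses, tag names and temporary paths are all constructed for the demonstration; the GPG and X.509 formats git also supports follow the same sign/publish/verify pattern with `gpg` or `gpgsm` in place of `ssh-keygen`.

```shell
#!/bin/sh
# Added example (not from the mailing-list post): sign a git tag with a
# long-term SSH key, publish the key, and verify the tag as a user would.
set -eu

# Report whether the demo can run: git >= 2.34 (SSH signing support) and ssh-keygen.
demo_tools_available() {
  command -v git >/dev/null 2>&1 && command -v ssh-keygen >/dev/null 2>&1 || return 1
  set -- $(git --version | sed 's/^git version //' | tr . ' ')
  [ "$1" -gt 2 ] || { [ "$1" -eq 2 ] && [ "$2" -ge 34 ]; }
}

# Create an isolated workspace: a throwaway HOME (the real ~/.gitconfig and ~/.ssh
# stay untouched), a repository with one commit, and two SSH keys: the developer's
# long-term key, which the project would publish, and a stranger's key, which it
# would not. All names and addresses are constructed.
demo_setup() {
  DEMO=$(mktemp -d)
  export HOME="$DEMO" GIT_CONFIG_NOSYSTEM=1
  export GIT_AUTHOR_NAME="Demo Developer" GIT_AUTHOR_EMAIL="dev@example.invalid"
  export GIT_COMMITTER_NAME="Demo Developer" GIT_COMMITTER_EMAIL="dev@example.invalid"
  ssh-keygen -q -t ed25519 -N '' -C "dev@example.invalid" -f "$DEMO/dev_key"
  ssh-keygen -q -t ed25519 -N '' -C "stranger@example.invalid" -f "$DEMO/stranger_key"
  git init -q "$DEMO/repo"
  cd "$DEMO/repo"
  printf 'constructed placeholder for the project sources\n' > README
  git add README
  git commit -q -m "initial import"
}

# Developer side: tell git to sign with SSH and create a signed annotated tag.
sign_release_tag() {            # $1 = tag name, $2 = private key file
  git config gpg.format ssh
  git config user.signingkey "$2"
  git tag -s -m "release $1" "$1"
}

# Project side: the allowed-signers file to publish next to the public key.
# Each line is "<principal> <key type> <base64 key>"; users compare the key's
# fingerprint with the one announced on the mailing list before trusting it.
publish_allowed_signers() {     # $1 = public key file, $2 = principal, $3 = output file
  printf '%s %s\n' "$2" "$(cut -d' ' -f1,2 "$1")" >> "$3"
}

# The fingerprint to announce (the "SHA256:..." field of ssh-keygen -l output).
key_fingerprint() {             # $1 = public key file
  ssh-keygen -lf "$1" | cut -d' ' -f2
}

# User side: verify a tag against the published list. Exit status 0 means the
# signature is valid AND was made by a listed key; anything else is a failure.
verify_release_tag() {          # $1 = tag name, $2 = allowed-signers file
  git -c gpg.format=ssh -c gpg.ssh.allowedSignersFile="$2" verify-tag "$1" >/dev/null 2>&1
}

# Whole scenario: the genuine signed tag verifies; a tag signed with an unpublished
# key is rejected (valid signature, untrusted key); a same-named unsigned tag, as a
# mirror could serve, is rejected too. Returns 0 only if all three hold.
run_demo() {
  demo_setup
  sign_release_tag v1.0-demo "$DEMO/dev_key"
  publish_allowed_signers "$DEMO/dev_key.pub" dev@example.invalid "$DEMO/allowed_signers"
  echo "announce on the list: $(key_fingerprint "$DEMO/dev_key.pub")"

  verify_release_tag v1.0-demo "$DEMO/allowed_signers" || return 1

  sign_release_tag v1.0-fake "$DEMO/stranger_key"
  if verify_release_tag v1.0-fake "$DEMO/allowed_signers"; then return 1; fi

  git tag -d v1.0-demo >/dev/null
  git tag -a -m "rebuilt without a signature" v1.0-demo
  if verify_release_tag v1.0-demo "$DEMO/allowed_signers"; then return 1; fi
  return 0
}

if demo_tools_available; then
  run_demo && echo "signed-tag verification behaves as expected"
fi
```

The same split between "published key" and "verification on the user's side" applies to the package repositories the message mentions: for RPM repositories the repository's public key is imported with `rpm --import` and each downloaded package is checked with `rpm --checksig` (or `-K`), and for APT repositories the key is pinned per source with the `signed-by` option so that `apt` rejects a Release file that is not signed by it. In every case the fingerprint announced out of band (here, on the mailing list) is what lets the user tell the genuine key from one substituted on the download path.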