diff options
author | Joey Hess <joeyh@joeyh.name> | 2017-05-20 17:09:28 -0400 |
---|---|---|
committer | Joey Hess <joeyh@joeyh.name> | 2017-05-20 17:21:08 -0400 |
commit | 73a310ce49c91f0884d05a8d2cd8c96c3c5447d3 (patch) | |
tree | 1d7489b13e5ae950a849508857111966e538625e /doc/todo | |
parent | 34b0151e125a6698f57ea476ccfa922c6275edf1 (diff) | |
download | debug-me-73a310ce49c91f0884d05a8d2cd8c96c3c5447d3.tar.gz |
developer keyring verification
* gpg keyrings in /usr/share/debug-me/ will be checked
to see if a connecting person is a known developer of software
installed on the system, and so implicitly trusted already.
Software packages/projects can install keyrings to that location.
(Thanks to Sean Whitton for the idea.)
* make install will install /usr/share/debug-me/debug-me_developer.gpg,
which contains the key of Joey Hess. (stack and cabal installs don't
include this file because they typically don't install system-wide)
* debug-me.cabal: Added dependency on time.
This commit was sponsored by Francois Marier on Patreon.
Diffstat (limited to 'doc/todo')
-rw-r--r-- | doc/todo/use_distribution_keyrings.mdwn | 3 | ||||
-rw-r--r-- | doc/todo/use_distribution_keyrings/comment_2_43e012511d2fc39d78789541482928b7._comment | 9 |
2 files changed, 12 insertions, 0 deletions
diff --git a/doc/todo/use_distribution_keyrings.mdwn b/doc/todo/use_distribution_keyrings.mdwn index df21588..be4492e 100644 --- a/doc/todo/use_distribution_keyrings.mdwn +++ b/doc/todo/use_distribution_keyrings.mdwn @@ -5,3 +5,6 @@ Example output: `Sean Whitton is an official Debian Developer (information accur Distribution packagers of debug-me could add the keyrings to be checked in this way to a configuration file, or possibly just hardcode them somewhere in debug-me's source. --spwhitton + +> [[done]]; you'll need to include the symlinks to the debian keyring +> in the keysafe.deb. --[[Joey]] diff --git a/doc/todo/use_distribution_keyrings/comment_2_43e012511d2fc39d78789541482928b7._comment b/doc/todo/use_distribution_keyrings/comment_2_43e012511d2fc39d78789541482928b7._comment new file mode 100644 index 0000000..8145e47 --- /dev/null +++ b/doc/todo/use_distribution_keyrings/comment_2_43e012511d2fc39d78789541482928b7._comment @@ -0,0 +1,9 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 2""" + date="2017-05-20T21:10:36Z" + content=""" +Simplified that sligtly. The keyring filename can describe the +relationship, eg "a_Debian_developer.gpg". The mtime of the keyring will be +displayed so the user knows how up-to-date it is. +"""]] |