[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#17625: 24.4.50; All installed packages marked "unsigned", no archive
|
From: |
Stefan Monnier |
|
Subject: |
bug#17625: 24.4.50; All installed packages marked "unsigned", no archive listed |
|
Date: |
Tue, 30 Sep 2014 11:46:46 -0400 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.0.50 (gnu/linux) |
> I am, but looked in the trunk for this file. I didn't expect you'd put
> the keyring only in the emacs-24 branch. Why keep it out of trunk?
> Users there won't know to look in emacs-24.
For those who haven't followed Emacs's development over the last
5 years: changes that should go into the release are made *only* to the
release branch, which is then merged every once in a while into trunk.
> They have to attempt an install. That's why I suggested the "Verify" button.
A verify button would only make sense if we exposed the "download" and
the "install" as two separate steps, so the user could then "verify"
between those two steps.
If we don't, then the user can "verify" with your button, get
a "verification successful" and then go on and download an unsigned
package (because the attacker just changed the file and removed the sig
in the mean time).
> The whole thing is hard to set up for a new user,
Huh? It's completely transparent! Have you tried the `emacs-24' branch?
> I'm trying to cover the case where the users wants to allow installing
> unsigned packages, but still wants to verify an individual package's
> signature beforehand. As the number of package archives grows, I think
> that will be useful.
A much better option, then, is to let package-check-signature take
another value which causes the user to be prompted if the sig can't
be checked.
Stefan