kernel.org no longer centrally signs submissions
kernel.org no longer centrally signs submissions
Posted Nov 9, 2011 0:24 UTC (Wed) by jimparis (guest, #38647)In reply to: kernel.org no longer centrally signs submissions by raven667
Parent article: KS2011: Kernel.org report
Posted Nov 9, 2011 2:49 UTC (Wed)
by giraffedata (guest, #1954)
[Link]
Thanks; that's exactly what I was thinking. The great advantage of a digital signature is that it gives you a basis for trusting something regardless of how it got to you. If I found a kernel by the side of the road, I'd say, "Hell yes, I'll put that on my server. I can see that kernel.org blessed this particular arrangement of bits at some point." But it would be ridiculous to say, "This looks OK. Somebody signed it."
The developer signature appears to serve an entirely different purpose from the kernel.org automatic signature (I suppose it is what tells kernel.org, which does know all the individuals, it's OK to take the code), but the article makes it sound like it is a replacement of -- and improvement on -- it.
Posted Nov 9, 2011 3:11 UTC (Wed)
by raven667 (subscriber, #5198)
[Link]
Auto signing doesn't provide any more verification than an md5sum file which would probably be a better choice. When signatures are used people often assume a higher level of verification than really exists. Usually when releases are signed the private key is not publicly accessible and is on a separate device that only release approvers have access to, an offline workstation or smart card for example. That procedure can be a higher level of assurance that the bits you have are the right ones
kernel.org no longer centrally signs submissions
kernel.org no longer centrally signs submissions