[pacman-dev] [PATCH 1/3] Changed all references to signature verification level in libalpm symbols to 'verifysig'. Removed references to PGP in libalpm symbols. Signed-off-by: Kerrick Staley <mail at kerrickstaley.com>
Allan McRae
allan at archlinux.org
Sat Jun 4 10:30:43 EDT 2011
On 02/06/11 06:50, Dan McGee wrote:
> On Wed, Jun 1, 2011 at 3:46 PM, Dan McGee<dpmcgee at gmail.com> wrote:
>> ^^^ You deleted the blank line between the patch subject and the
>> summary text, which makes it do what it did. You'll want to put that
>> back.
>>
>> On Wed, Jun 1, 2011 at 3:03 PM, Kerrick Staley<mail at kerrickstaley.com> wrote:
>>
>> So I don't find VerifySig any more appetizing, other than matching the
>> option name we came up with. I was leaning in my head when I wrote up
>> this TODO toward something like GPGLevel, SigLevel, etc. I also think
>> we may need to be a bit more granular than our current
>> Always/Optional/Never trifecta. We have a multitude of possibilities
>> when checking a signature:
>>
>> * Valid signature, fully trusted (or ultimate,
>> (GPGME_VALIDITY_{ULTIMATE, FULL}).
>>
>> * Valid signature, unknown trust/unknown key (GPGME_VALIDITY_UNKNOWN,
>> GPGME_SIGSUM_KEY_MISSING).
>> * Valid signature, trust somewhere in between (marginal,
>> GPGME_VALIDITY_MARGINAL).
>>
>> * Valid signature, user is never valid (GPGME_VALIDITY_NEVER)
>> * Valid signature, signature is however expired (GPGME_SIGSUM_SIG_EXPIRED)
>> * Valid signature, key is however expired (GPGME_SIGSUM_KEY_EXPIRED)
>> * Bad signature, trust level is irrelevant (GPGME_VALIDITY_RED)
>>
>> Thoughts from anyone else on the naming, as well as what to do as far
>> as expanded options? I've divided it above into roughly 3 categories,
>> of which the top would always be acceptable, the bottom would never,
>> and the middle could be a switchable option. I'm envisioning something
>> like:
>>
>> SigLevel = Always AllowUnknown
>>
>> [core]
>> SigLevel = Always
>>
>> [otherrepo]
>> SigLevel = Optional AllowUnknown
>
> I should also add that the ability to have a signed database without
> signed packages could be done this same way; e.g. "SigLevel =
> NoPackages" or something (maybe even a corresponding "NoDatabase").
>
That sort of naming scheme sounds fine to me.
How about CheckLevel rather than SigLevel as it is the level of the
checking that is being done once you add options like "NoPackages"?
Anyway, we can bikeshed the name later! But this might actually be a
case where setting up a wiki page to hash out the configuration format
and options could be useful. At least I think it would be helpful to
have this written down somewhere so I can get it all straight in my head
and it could be used as the basis of the man page later.
Allan
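
An added illustration, not part of the original thread or of pacman's code, of how the proposed `SigLevel` tokens could map the outcome categories listed in the thread to an accept/reject decision. The meaning given to `Always`/`Optional`/`Never`, `AllowUnknown` switching the whole middle category, the `SIG_MISSING` case and all C names are assumptions; the thread had not settled them.

```c
#include <string.h>

/* Outcome categories from the list in the thread (names are hypothetical). */
enum sig_outcome {
	SIG_TRUSTED,                                       /* top: full or ultimate trust */
	SIG_UNKNOWN, SIG_MARGINAL,                         /* middle: switchable */
	SIG_NEVER, SIG_EXPIRED, SIG_KEY_EXPIRED, SIG_BAD,  /* bottom: never acceptable */
	SIG_MISSING                                        /* assumed: no signature at all */
};

enum base_level { LEVEL_NEVER, LEVEL_OPTIONAL, LEVEL_ALWAYS };

struct siglevel { enum base_level base; int allow_unknown; };

/* Parse a value such as "Optional AllowUnknown". Returns 0 on success,
 * -1 on an unknown token or a missing base level (fail closed). */
int siglevel_parse(const char *value, struct siglevel *out)
{
	char buf[128], *tok;
	int have_base = 0;
	if(strlen(value) >= sizeof(buf)) return -1;
	strcpy(buf, value);
	out->base = LEVEL_ALWAYS;
	out->allow_unknown = 0;
	for(tok = strtok(buf, " \t"); tok; tok = strtok(NULL, " \t")) {
		if(strcmp(tok, "Always") == 0) { out->base = LEVEL_ALWAYS; have_base = 1; }
		else if(strcmp(tok, "Optional") == 0) { out->base = LEVEL_OPTIONAL; have_base = 1; }
		else if(strcmp(tok, "Never") == 0) { out->base = LEVEL_NEVER; have_base = 1; }
		else if(strcmp(tok, "AllowUnknown") == 0) out->allow_unknown = 1;
		else return -1;
	}
	return have_base ? 0 : -1;
}

/* Returns 1 to accept, 0 to reject. */
int siglevel_accepts(const struct siglevel *lvl, enum sig_outcome o)
{
	if(lvl->base == LEVEL_NEVER) return 1;   /* checking disabled */
	if(o == SIG_MISSING) return lvl->base == LEVEL_OPTIONAL;
	if(o == SIG_TRUSTED) return 1;
	if(o == SIG_UNKNOWN || o == SIG_MARGINAL) return lvl->allow_unknown;
	return 0;   /* bottom category is rejected whatever the options */
}

int main(void)
{
	struct siglevel l;   /* exit status 0 if an unknown key passes under this setting */
	return siglevel_parse("Always AllowUnknown", &l) || !siglevel_accepts(&l, SIG_UNKNOWN);
}
```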