[pacman-dev] [PATCH 1/3] Changed all references to signature verification level in libalpm symbols to 'verifysig'. Removed references to PGP in libalpm symbols. Signed-off-by: Kerrick Staley <mail at kerrickstaley.com>

Wed Jun 8 04:07:52 EDT 2011

On Sat, Jun 4, 2011 at 9:30 AM, Allan McRae <allan at archlinux.org> wrote:
> On 02/06/11 06:50, Dan McGee wrote:
>>
>> On Wed, Jun 1, 2011 at 3:46 PM, Dan McGee<dpmcgee at gmail.com>  wrote:
>>>
>>> ^^^ You deleted the blank line between the patch subject and the
>>> summary text, which makes it do what it did. You'll want to put that
>>> back.
>>>
>>> On Wed, Jun 1, 2011 at 3:03 PM, Kerrick Staley<mail at kerrickstaley.com>
>>>  wrote:
>>>
>>> So I don't find VerifySig any more appitizing, other than matching the
>>> option name we came up with. I was leaning in my head when I wrote up
>>> this TODO toward something like GPGLevel, SigLevel, etc. I also think
>>> we may need to be a bit more granular than our current
>>> Always/Optional/Never trifecta. We have a multitude of possibilities
>>> when checking a signature:
>>>
>>> * Valid signature, fully trusted (or ultimate,
>>> (GPGME_VALIDITY_{ULTIMATE, FULL}).
>>>
>>> * Valid signature, unknown trust/unknown key (GPGME_VALIDITY_UNKNOWN,
>>> GPGME_SIGSUM_KEY_MISSING).
>>> * Valid signature, trust somewhere in between (marginal,
>>> GPGME_VALIDITY_MARGINAL).
>>>
>>> * Valid signature, user is never valid (GPGME_VALIDITY_NEVER)
>>> * Valid signature, signature is however expired
>>> (GPGME_SIGSUM_SIG_EXPIRED)
>>> * Valid signature, key is however expired (GPGME_SIGSUM_KEY_EXPIRED)
>>> * Bad signature, trust level is irrelevant (GPGME_VALIDITY_RED)
>>>
>>> Thoughts from anyone else on the naming, as well as what to do as far
>>> as expanded options? I've divided it above into roughly 3 categories,
>>> of which the top would always be acceptable, the bottom would never,
>>> and the middle could be a switchable option. I'm envisioning something
>>> like:
>>>
>>> SigLevel = Always AllowUnknown
>>>
>>> [core]
>>> SigLevel = Always
>>>
>>> [otherrepo]
>>> SigLevel = Optional AllowUnknown
>>
>> I should also add that the ability to have a signed database without
>> signed packages could be done this same way; e.g. "SigLevel =
>> NoPackages" or something (maybe even a corresponding "NoDatabase").
>>
>
> That sort of naming scheme sounds fine to me.
>
> How about CheckLevel rather than SigLevel as it is the level of the checking
> that is being done once you add options like "NoPackages"?
Sounds good to me.

> Anyway, we can bikeshed the name later!  But this might actually be a case
> where setting up a wiki page to hash out the configuration format and
> options could be useful.  At least I think it would be helpful to have this
> written down somewhere so I can get it all straight in my head and it could
> be used as the basis of the man page later.
Agreed. Although as far as setting up a wiki page we should probably
first winnow down the multiple ones into one master page so it is a
bit more clear where we are and where we are going as a team (and not
thoughts from two years ago). I'll see if I can tackle this task in
the next day or two as my current round of patches bake a bit on the
ML.

-Dan