On Mon, 25 Jul 2005, Curt Sampson wrote:

> It's a PITA for users. Do we really want to stick users with the baggage
> of having to deal with two files, and the attendant risk of mismatching
> the two or losing one, if we gain no security benefit from it?

I would much rather see an embedded signature.  This is e.g. how signed Java
archives work.

I'm aware that the detached compression of individual files in the Zip
format used by JARs makes it easier to do verification before files are
extracted.  Even in that case, though, ahead-of-time verification still
requires decompressing all the data, as would be required by a stream-based
compression like gzip.

If a package signature were placed as the first entry in the tarball, it
should be possible using a tar library (do we do this yet?) to verify while
extracting, and simply stop dead and nuke any extracted files if an
unverifiable entry is encountered in the stream.

-- 
-- Todd Vierling <tv@duh.org> <tv@pobox.com> <todd@vierling.name>