perfsonar development work

[Nicolas Simar <>]

Yes.

Nicolas

Sasa Cavara wrote:
> On Wed, Oct 01, 2008 at 10:47:52AM +0200, Nicolas Simar wrote:
>> Hi Anton,
>>
>> can you please create the following email address:
>> - 
>> 
> 
> i guess that we are going to go with 
> .
>  
> 
>> and add behind it 
>> 
>>  and 
>> 
>>
>> Best regards,
>> Nicolas
>>
>> Sasa Cavara wrote:
>>> On Tue, Sep 30, 2008 at 05:06:00PM +0200, Verena Venus wrote:
>>>> Hi Gijs,
>>>>
>>> Hi gang,
>>>
>>> Then let get the ball rolling..
>>>
>>>> Am Dienstag, 30. September 2008 16:39:07 schrieb Gijs Molenaar:
>>>>> I never talked about this, but it is actually something that should be
>>>>> done. I was trying to do this with Loukik a couple of months ago, but
>>>>> loukik is gone (may he rest in peace).  I don't have the time to do this
>>>>> anymore now, but I thought it would be good to share my idea about this.
>>>>>
>>>>> To resolve the 'package is not signed' error/warning during package
>>>>> installation from the repository do the following:
>>>>>
>>>>> 1> let somebody create a perfsonar key email adres 
>>>>> (
>>>>>  or
>>>>> whatever) and let this forward to you and other people responsible for
>>>>> security/packages/repository.
>>> Nicolas, who should I contact (or you can do it :D) in order to get this 
>>> email 
>>> address created. 
>>> 
>>>  
>>> (
>>>  as  backup option) sounds good. 
>>> 
>>>  could be backup option :). after that i can start with PGP stuff :)
>>>
>>> take care,
>>>
>>>>> 2> Create a PGP key pare with this e-mail
>>>>>
>>>>> 3> Put the public key on the downloads server
>>>>>
>>>>> 4> Sign the RPMs and DEBs with the (private) key (see man pages of rpm
>>>>> and dpkg)
>>>>>
>>>>> 5> Modify installation instructions so that people add the public
>>>>> perfsonar key to their yum/apt config.
>>>>>
>>>>> For example virtualbox does it like this (www.virtualbox.org) for 
>>>>> debian:
>>>>> wget -q http://download.virtualbox.org/virtualbox/debian/sun_vbox.asc
>>>>> -O- | sudo apt-key add -
>>>>>
>>>>> This is also possible for yum.
>>>>>
>>>>> 5> Put the signed packages in the repository.
>>>>>
>>>>> 6> Put the key on a _safe_ place and _don't_ lose it or get it 
>>>>> compromised.
>>>>>
>>>>> if this is too difficult to do, or time is too short, you can add the
>>>>> --nogpgcheck option to yum to install the packages anyway, but this is
>>>>> UGLY and not secure.
>>>> In fact, that's the only way to make it work right now, and I would 
>>>> appreciate 
>>>> it, if we could get rid of this.
>>>>
>>>> If Sasa is taking care of the PGP stuff it should be no problem to use 
>>>> it for 
>>>> this release. I don't think, it is that much time consuming or 
>>>> complicated 
>>>> for developers to sign a package :)
>>>>
>>>> Regards,
>>>> Verena
>>>> -- 
>>>> Verena Venus, DFN-Labor
>>>> Friedrich-Alexander-Universität Erlangen-Nürnberg
>>>> Regionales RechenZentrum Erlangen (RRZE)
>>>> Martensstraße 1, 91058 Erlangen, Germany
>>>> Tel. +49 9131 85-28738, -28800, Fax +49 9131 302941
>>>> 
>>>> 
>>>> www.win-labor.dfn.de
>> -- 
>> Nicolas
>> ______________________________________________________________________
>>
>> Nicolas Simar
>> Network Engineer
>>
>> DANTE - www.dante.net
>>
>> Tel - BE: +32 (0) 4 366 93 49
>> Tel - UK: +44 (0)1223 371 300
>> Mobile: +44 (0) 7740 176 883
>>
>> City House, 126-130 Hills Road
>> Cambridge CB2 1PQ
>> UK
>> _____________________________________________________________________
>>
>>
>>      
>>                                      
> 

-- 
Nicolas
______________________________________________________________________

Nicolas Simar
Network Engineer

DANTE - www.dante.net

Tel - BE: +32 (0) 4 366 93 49
Tel - UK: +44 (0)1223 371 300
Mobile: +44 (0) 7740 176 883

City House, 126-130 Hills Road
Cambridge CB2 1PQ
UK
_____________________________________________________________________