I'd like to be able to prevent inclusion of packages that have not been signed by a trusted key.
Detailed Description
By default the aptly-api does signature checks on the packages to be included via POST /api/repos/:name/include/:dir.
However, the uploader can simply circumvent this by specifying either ignoreSignature or acceptUnsigned within the JSON payload.
I would love to have an option to only accept packages that have been signed by a trusted key.
Context
I'd like to be able to upload packages to aptly via the API.
Currently the only way to secure such an upload to a public server is by using http-auth via a proxy server.
However, aptly already has an additional security measure that seems to be on par with the standard Debian upload mechanism (dput): the requirement to sign packages with a key that is in a trusted keyring.
Unfortunately, allowing the API to ignore the signature makes it kind of useless for this purpose.
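Until such an option exists, the proxy server mentioned above can refuse include requests that carry either flag. The following is an added example, not part of the original issue and not aptly code: `check_include_request` is a hypothetical helper, and it assumes the flags may arrive in the JSON body (as the issue describes) or in the query string, with key case ignored in case the backend parser is lenient.

```python
import json
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Endpoint named in the issue: POST /api/repos/:name/include/:dir
INCLUDE_PATH = re.compile(r"^/api/repos/[^/]+/include/")
# Flags named in the issue, lower-cased for case-insensitive comparison.
BYPASS_FLAGS = {"ignoresignature", "acceptunsigned"}


class _Pairs(list):
    """Marks a decoded JSON object and keeps duplicate keys visible."""


def check_include_request(method, target, body=b""):
    """Return (allowed, reason) for one request seen at the proxy."""
    url = urlsplit(target)
    # Decode %-escapes so an encoded path segment cannot dodge the match.
    path = unquote(url.path)
    if method.upper() != "POST" or not INCLUDE_PATH.match(path):
        return True, "not an include request"
    names = list(parse_qs(url.query, keep_blank_values=True))
    if body.strip():
        try:
            doc = json.loads(body, object_pairs_hook=_Pairs)
        except ValueError:
            # Fail closed: a body we cannot inspect is not forwarded.
            return False, "unparseable body"
        if not isinstance(doc, _Pairs):
            return False, "body is not a JSON object"
        names += [key for key, _ in doc]
    for name in names:
        # Presence alone is refused, whatever value is attached to it.
        if name.lower() in BYPASS_FLAGS:
            return False, "signature bypass flag: " + name
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample requests, not captured traffic.
    samples = [
        ("POST", "/api/repos/main/include/up1", b""),
        ("POST", "/api/repos/main/include/up1", b'{"ignoreSignature": true}'),
        ("POST", "/api/repos/main/include/up1?acceptUnsigned=1", b""),
    ]
    for method, target, body in samples:
        print(method, target, check_include_request(method, target, body))
```

The check only narrows what an authenticated uploader can ask for; the signature verification itself still happens in aptly against its trusted keyring.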