Closed jjarmoc closed 10 years ago
Signing will be handled at a completely separate level using The Update Framework. It's a separate effort to add security assurances to gems, and I don't want to implement it partway andake things seem secure while not being secure.
On Mon, Mar 24, 2014 at 6:04 PM, Jeff Jarmoc notifications@github.com wrote:
The new index format looks like an improvement. I wonder though, what format the 'checksum' is in. Is it literally a CRC? Might there be an opportunity here to supplement it with a cryptographic signature? Even if optional, it'd be great for the gem maintainer to be able to sign, and provide a signature which is then verified when loading the gem. Imperfect, since the signature is hosted alongside the gem, but perhaps a worthwhile improvement?
Nice work in any case, just my poorly thought out $.02 for what it's worth.
Reply to this email directly or view it on GitHub: https://github.com/bundler/new-index/issues/2
Fair enough. I agree that it's not an insignificant undertaking, and it's better to be done right the first time rather than a half-solution.
The new index format looks like an improvement. I wonder though, what format the 'checksum' is in. Is it literally a CRC? Might there be an opportunity here to supplement it with a cryptographic signature? Even if optional, it'd be great for the gem maintainer to be able to sign, and provide a signature which is then verified when loading the gem. Imperfect, since the signature is hosted alongside the gem, but perhaps a worthwhile improvement?
Nice work in any case, just my poorly thought out $.02 for what it's worth.