Rubygems Trust Model

Austin Ziegler halostatue at gmail.com
Mon Feb 11 21:59:49 UTC 2013


On Mon, Feb 11, 2013 at 4:31 PM, James Tucker <jftucker at gmail.com> wrote:
> All,
>
> We have taken some time to prepare the following document in regard to the
> current trust model, and future goals and requirements. We're looking for
> two things at present, before creating/evaluating proposals:
>
>  * Interested parties (probably larger vendor security team members,
> although may be individual contributors also)
>  * Missed goals/requirements discussions

Thank you. I'm definitely interested in this, and will need to read
the document in more depth, but the focus on keeping the workflow easy
is important. I decided recently to start signing my gems again—which
means that I had to create a new cert pair and the public certs are
published on RubyForge (I use `hoe` for most of my gems, and Ryan has
done a great job of making this part fairly transparent; I had some
issues getting the cert up for the first gem, but…).

One thing that I think will be important with this is whether we
should have more than one "authorized" key/cert for a particular gem
or set of gems, or whether authors can/should have multiple identities
(that is, should my diff-lcs gems be signed with the same cert/key
that mime-types is?).

I also think that, even though it's built on top of rubygems, Bundler
should be part of this overall security discussion.

-a
-- 
Austin Ziegler • halostatue at gmail.comaustin at halostatue.ca
http://www.halostatue.ca/http://twitter.com/halostatue


More information about the RubyGems-Developers mailing list