Rubygems Trust Model

Austin Ziegler halostatue at
Mon Feb 11 21:59:49 UTC 2013

On Mon, Feb 11, 2013 at 4:31 PM, James Tucker <jftucker at> wrote:
> All,
> We have taken some time to prepare the following document in regard to the
> current trust model, and future goals and requirements. We're looking for
> two things at present, before creating/evaluating proposals:
>  * Interested parties (probably larger vendor security team members,
> although may be individual contributors also)
>  * Missed goals/requirements discussions

Thank you. I'm definitely interested in this, and will need to read
the document in more depth, but the focus on keeping the workflow easy
is important. I decided recently to start signing my gems again—which
means that I had to create a new cert pair and the public certs are
published on RubyForge (I use `hoe` for most of my gems, and Ryan has
done a great job of making this part fairly transparent; I had some
issues getting the cert up for the first gem, but…).

One thing that I think will be important with this is whether we
should have more than one "authorized" key/cert for a particular gem
or set of gems, or whether authors can/should have multiple identities
(that is, should my diff-lcs gems be signed with the same cert/key
that mime-types is?).

I also think that, even though it's built on top of rubygems, Bundler
should be part of this overall security discussion.

Austin Ziegler • halostatue at gmail.com • austin at
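To make the "one authorized cert vs. several" question concrete, here is an added example (not code from RubyGems, hoe, or this thread) of a minimal signer policy: each gem name maps to a set of X.509 certificates that may sign it, so the same author certificate can be authorized for several gems (one identity across diff-lcs and mime-types), while a single gem can also list more than one authorized certificate (a co-maintainer). The email addresses, gem payload and the `SignerPolicy` class are all assumptions for illustration; RubyGems' real `Gem::Security` policies are structured differently.

```ruby
require "openssl"

# Assumption for illustration: a self-signed author certificate keyed by a
# hypothetical email address. Real gem certs would be the ones published by
# the author, not generated here.
def make_signer(email)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = OpenSSL::X509::Name.parse("/CN=#{email}")
  cert.issuer = cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 365 * 24 * 3600
  cert.sign(key, OpenSSL::Digest::SHA256.new)
  { key: key, cert: cert }
end

# Hypothetical policy: gem name -> list of certificates allowed to sign it.
class SignerPolicy
  def initialize
    @authorized = Hash.new { |h, k| h[k] = [] }
  end

  def authorize(gem_name, cert)
    @authorized[gem_name] << cert
    self
  end

  # Returns the subject of the authorized certificate that verifies the
  # signature, or nil. The signature is checked against the *pinned* copy of
  # the certificate, never against the key inside the presented cert, so a
  # substituted certificate with a different key cannot pass.
  def verify(gem_name, data, signature, presented_cert)
    pinned = @authorized[gem_name].find { |c| c.to_der == presented_cert.to_der }
    return nil unless pinned
    now = Time.now
    return nil unless pinned.not_before <= now && now <= pinned.not_after
    ok = pinned.public_key.verify(OpenSSL::Digest::SHA256.new, signature, data)
    ok ? pinned.subject.to_s : nil
  end
end

def sign(signer, data)
  signer[:key].sign(OpenSSL::Digest::SHA256.new, data)
end

# Walks through the cases the thread raises: one author cert used for two
# gems, two certs authorized for one gem, and a stranger's cert rejected.
def demo
  author   = make_signer("author@example.invalid")
  comaint  = make_signer("comaint@example.invalid")
  stranger = make_signer("stranger@example.invalid")

  policy = SignerPolicy.new
    .authorize("diff-lcs", author[:cert])
    .authorize("mime-types", author[:cert])
    .authorize("mime-types", comaint[:cert])

  payload = "constructed stand-in for the contents of mime-types-1.0.gem"
  results = {}
  results["author_mime_types"]   = policy.verify("mime-types", payload, sign(author, payload), author[:cert])
  results["author_diff_lcs"]     = policy.verify("diff-lcs", payload, sign(author, payload), author[:cert])
  results["comaint_mime_types"]  = policy.verify("mime-types", payload, sign(comaint, payload), comaint[:cert])
  results["comaint_diff_lcs"]    = policy.verify("diff-lcs", payload, sign(comaint, payload), comaint[:cert])
  results["stranger_mime_types"] = policy.verify("mime-types", payload, sign(stranger, payload), stranger[:cert])
  results["tampered_payload"]    = policy.verify("mime-types", payload + "!", sign(author, payload), author[:cert])
  results
end

if __FILE__ == $0
  demo.each { |k, v| puts "#{k}: #{v.inspect}" }
end
```

The interesting failure is `comaint_diff_lcs`: the co-maintainer's certificate is perfectly valid and verifies the signature, but it is not in the authorized set for that gem, so the policy rejects it. That is the distinction between "this cert is trusted" and "this cert is authorized for this gem" that a per-gem authorized set makes explicit.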

More information about the RubyGems-Developers mailing list