Thoughts on a new upload process

For a couple of months, I've had some ideas floating through my head about how to improve the upload process for Debian and address the following problems:

Here's the scheme I am envisioning, which has its shortcomings, but which seems like an interesting approach worth more thought, at least IMHO:

I am not sure how to do certificates by tools like linda and lintian. I don't see an obvious cryptographic solution to those challenges. In fact, it seems impossible without DRM (yeah, let's DRM lintian and linda & Co.!). But I suppose the question should be: build a system that no DD can crack (why?), or build one that's easy to use so that no one would think about going out of his/her way to subvert it? I tend towards the second... we can always tar-and-feather those that actively subvert the process.

This is all an initial braindump and I am looking forward to your input (on IRC, preferably).

PS: previously I would have sent this off to -devel. Now that I blog, this seems a better place. At least it won't drag with it endless discussions. I really just want to get the idea out right now since I don't have much time to do more anyway.