Received: from st43p00im-ztdg10071801.me.com (st43p00im-ztdg10071801.me.com [17.58.63.171]) by nld3-dev1.alpinelinux.org (Postfix) with ESMTPS id C31E1782BEE for <~alpine/devel@lists.alpinelinux.org>; Sat, 13 Jun 2020 23:48:20 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=me.com; s=1a1hai; t=1592092099; bh=trELb07ZSIFvQRnmHi/JjP1T3M6vgB2bEMZgCz9QQaU=; h=Date:From:To:Subject:Message-ID:Content-Type; b=ldl3dtAzgk076i1sAfJ+KgixoSFBsN0FcyO6y3nnFL8+J7xreavU1CdTnVhVixhXL 0pazWk+Lm7sIJyZ+K/TJ7pvUzXP2eeSDNOLm4ps0Fa/4HJryZ9K+D/itzFjfWodkwK jrVSk12ZOpExxvu5VjKX3FQ95Dn67uUzfj5k3DuCn0iIh+B+0GCZHpqJ/tNnHbv2JB D6RWjuOsmVSfw098Fk9pC/xWys2txITMfO2lAcs+EyQL4gQTvdG7bo+Cmb7WsGy7J2 QwCF9E6B04FSGh4VYhwbI14pekPR24k8BSPhsAm4KEh8GxO0Mt/gAQV3sBppXbR+KV hjHJQckWWx30g== Received: from sachiel (unknown [71.239.125.199]) by st43p00im-ztdg10071801.me.com (Postfix) with ESMTPSA id D359D54025F for <~alpine/devel@lists.alpinelinux.org>; Sat, 13 Jun 2020 23:48:18 +0000 (UTC) Date: Sat, 13 Jun 2020 18:55:57 -0500 From: Max Rees To: ~alpine/devel@lists.alpinelinux.org Subject: Re: How to protect repository's private key? Message-ID: <20200613235557.GA28845@sachiel> Mail-Followup-To: ~alpine/devel@lists.alpinelinux.org References: <20200613212426.kqtzbohhnfme4lhn@wolfsden.cz> <20200613230641.muuz6ombwesu5p5r@wolfsden.cz> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: base64 In-Reply-To: <20200613230641.muuz6ombwesu5p5r@wolfsden.cz> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.216,18.0.687 definitions=2020-06-13_11:2020-06-12,2020-06-13 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-2004280000 definitions=main-2006130211 T24gU3VuIEp1biAxNCAwMTowNiBBTSwgV29sZiB3cm90ZToNCj4gSXMgdGhhdCBzb21ld2hlcmUg YXZhaWxhYmxlIHNvIHRoYXQgSSBjYW4gdGFrZSBhIHBlZWs/IFNlYXJjaGluZyBmb3INCj4gYEFQ SyBGb3VuZHJ5JyBnYXZlIGJlIGJ1bmNoIG9mIGFuZHJvaWQtcmVsYXRlZCBwYWdlcy4NCg0KaHR0 cHM6Ly9jb2RlLmZveGtpdC51cy9zcm9yYWNsZS9hcGtmb3VuZHJ5DQoNCkl0IGlzIHN0aWxsIGEg d29yayBpbiBwcm9ncmVzczsgbm90YWJseSBpdCByZXF1aXJlcyBhIHBhdGNoZWQgYWJ1aWxkIHNv DQp0aGF0IGl0IGNhbiBpbnRlcnBvc2Ugc29tZSBwcml2aWxlZ2VkIGZ1bmN0aW9uYWxpdHkgYW5k IGFsbG93IGZvcg0KYnVpbGRpbmcgcGFja2FnZXMgb3V0c2lkZSBvZiB0aGUgYXBvcnRzIGdpdCBy ZXBvc2l0b3J5LiBJIGhhdmVuJ3QgZ290dGVuDQphcm91bmQgdG8gdXBzdHJlYW1pbmcgdGhvc2Ug cGF0Y2hlcyB5ZXQsIGJ1dCB0aGV5IGNhbiBiZSBmb3VuZCBvbiB0aGlzDQpicmFuY2g6DQoNCmh0 dHBzOi8vY29kZS5mb3hraXQudXMvYWRlbGllL2FidWlsZC9jb21taXRzL2Fwa2ZvdW5kcnkNCg0K QWRkaXRpb25hbGx5IGZvciBBbHBpbmUgaXQgcmVxdWlyZXMgYSBjb3B5IG9mIGJ3cmFwIHRoYXQg cnVucyB3aXRob3V0DQp0aGUgc2V0dWlkIGJpdCBzZXQgb24gdGhlIGJpbmFyeS4gV2UgaGF2ZSBz dWNoIGEgY29weSBwYWNrYWdlZCBmb3INCkFkw6lsaWUgYnV0IEkgZG9uJ3QgdGhpbmsgQWxwaW5l IGhhcyBvbmU7IHlvdSBjb3VsZCBwcm9iYWJseSBqdXN0IG1ha2UNCnlvdXIgb3duLg0KDQpPbmNl IHlvdSBoYXZlIHRob3NlIGNvbXBvbmVudHMgaW4gcGxhY2UgeW91IHNob3VsZCBiZSBhYmxlIHRv IHJ1biAibWFrZQ0KcXVpY2tzdGFydCIsIGFkanVzdCB5b3VyIFBZVEhPTlBBVEggYW5kIFBBVEgs IGFuZCBzdGFydCB3b3JraW5nIHdpdGggaXQuDQpJIHJlYWxseSB3YW50IHRvIGRvY3VtZW50IHRo aXMgYWxsIGFzIGEgInF1aWNrIHN0YXJ0IiBndWlkZSwganVzdA0Kc3RhcnZlZCBmb3IgdGltZSBh dCB0aGUgbW9tZW50LiBBcyBhIHJlZmVyZW5jZSB1bnRpbCB0aGF0IGRvY3VtZW50YXRpb24NCmlz IGNvbXBsZXRlLCB0aGlzIGlzIHRoZSBjb25maWd1cmF0aW9uIEkndmUgYmVlbiB1c2luZyB3aXRo IGl0Og0KDQpodHRwczovL2NvZGUuZm94a2l0LnVzL3Nyb3JhY2xlL2FmLWNvbmZpZw0KDQpZb3Ug anVzdCBkcm9wIHRoYXQgYXMgYW4gLmFwa2ZvdW5kcnkgZm9sZGVyIGluIHRoZSByb290IG9mIHlv dXINCmFwb3J0cy5naXQgY2xvbmUuIFdvdWxkIG5lZWQgc29tZSBhZGp1c3RpbmcgYXMgd2VsbCBm b3IgQWxwaW5lIG9mIGNvdXJzZQ0KOikNCg0KPiBJJ3ZlIGRvbmUgdGhhdCBhbHJlYWR5IFswXSA6 KSAuIFRoZSBpc3N1ZSBpcyB0aGF0IGFidWlsZC1nenNwbGl0DQo+IGV4cGxpY2l0bHkgY2hlY2tz IGZvciBuYW1lcyBvZiBlbnRyaWVzIFsxXSwgd2hpY2ggYnJva2Ugd2hlbiB0aGV5IHdlcmUNCj4g c3dpdGNoZWQgdG8gdXNlIFBheEhlYWRlcnMgaW4gNjYwZjc5M2Q2ZGU2MjkxMjA0YmEwNDRlMDNi Mzc4MjZkMmU3OGU4OA0KPiBbMl0uIFNhZGx5IEkgZG8gbm90IGhhdmUgZW5vdWdoIGtub3dsZWRn ZSB0byBiZSBjb25maWRlbnQgZW5vdWdoIHRvIHB1dA0KPiBmb3J3YXJkIGEgcGF0Y2ggZm9yIHRo aXMuDQo+IA0KPiBbMF0gaHR0cHM6Ly9naXRsYWIuYWxwaW5lbGludXgub3JnL2FscGluZS9hYnVp bGQvLS9pc3N1ZXMvOTk5OQ0KPiBbMV0gaHR0cHM6Ly9naXRsYWIuYWxwaW5lbGludXgub3JnL2Fs cGluZS9hYnVpbGQvLS9ibG9iL21hc3Rlci9hYnVpbGQtZ3pzcGxpdC5jI0wzNg0KPiBbMl0gaHR0 cHM6Ly9naXRsYWIuYWxwaW5lbGludXgub3JnL2FscGluZS9hYnVpbGQvLS9jb21taXQvNjYwZjc5 M2Q2ZGU2MjkxMjA0YmEwNDRlMDNiMzc4MjZkMmU3OGU4OA0KDQpBcyBJIGp1c3QgbWVudGlvbmVk IGluIHRoZSBpc3N1ZSwgQWTDqWxpZSBoYXMgYmVlbiB1c2luZyBQQVggZm9ybWF0IGFwa3MNCmZv ciBhIHdoaWxlIG5vdyBhbmQgSSBoYWQgdG8gZml4IHRoaXMgdmVyeSBpc3N1ZTsgSSB3aWxsIHNl bmQgdGhlIHBhdGNoDQpmb3IgaXQgdXBzdHJlYW0uIEl0J3MgYWxyZWFkeSBpbnRlZ3JhdGVkIGlu dG8gQWTDqWxpZSdzIGFidWlsZC4NCg0KPiBBcyBhIHNpZGUgbm90ZSwgd291bGQgeW91IGtub3cg aWYgdGhlcmUgaXMgYSByZWFzb24gd2h5IGFidWlsZCBkb2VzIG5vdA0KPiBoYXZlIGFueSB0ZXN0 cz8gTGlrZSwgdGhpcyB3b3VsZCBiZSBmb3VuZCBieSAqYW55KiB0ZXN0IHN1aXRlIGNoZWNraW5n DQo+IGJhc2ljIGZ1bmN0aW9uYWxpdHkuIElzIGl0IG1hdHRlciBvZiBpZGVvbG9neSBvciBqdXN0 IG5vIG9uZSBoYWQgdGltZSB0bw0KPiB3cml0ZSB0aGVtPw0KDQpBZMOpbGllIGhhcyBhIHJ1ZGlt ZW50YXJ5IHRlc3Qgc3VpdGUgZm9yIGFidWlsZCBhbmQgbmV3YXBrYnVpbGQgKGJ1dCBub3QNCmFu eSBvZiB0aGUgb3RoZXIgdXRpbGl0aWVzIG5vdGFibHkpOg0KDQpodHRwczovL2NvZGUuZm94a2l0 LnVzL2FkZWxpZS9hYnVpbGQvLS90cmVlL21hc3Rlci90ZXN0cw0KDQpJIHRoaW5rIHRoaXMgd2Fz IHN1Ym1pdHRlZCBhcyBhIFBSIHRvIHVwc3RyZWFtIHdoZW4gaXQgd2FzIHN0aWxsIG9uDQpHaXRI dWIgYnV0IGl0IHdhcyBuZXZlciBtZXJnZWQuIEkgdGhpbmsgaXQgaXMgbW9zdGx5IGR1ZSB0byBs YWNrIG9mIHRpbWUNCnRvIHdvcmsgb24gaXQsIG5vdCBpZGVvbG9neS4NCg0KV2hlbiBJIHdhcyB3 b3JraW5nIG9uIGEgUHl0aG9uIGltcGxlbWVudGF0aW9uIG9mIGFidWlsZCwgSSB3cm90ZSBhbiBl dmVuDQptb3JlIGV4dGVuc2l2ZSB0ZXN0IHN1aXRlIGZvciBpdDoNCg0KaHR0cHM6Ly9jb2RlLmZv eGtpdC51cy9zcm9yYWNsZS9weTMtYWJ1aWxkLy0vdHJlZS9tYXN0ZXIvdGVzdHMNCg0KSG93ZXZl ciB0aGF0IHByb2plY3QgaXMgb24gaG9sZCBmb3Igbm93Lg0KDQo+IFRoYXQncy4uLiBzYWQgc3Rh dGUgb2YgdGhpbmdzLiBJIHdpbGwgcHJvYmFibHkgZW5kLXVwIHdpdGggcGF0Y2hlZA0KPiBhYnVp bGQgdGhhdCB3aWxsIGp1c3Qgbm90IGNhbGwgYWJ1aWxkLXNpZ24gYXMgYSB0ZW1wb3Jhcnkgd29y a2Fyb3VuZC4NCj4gDQo+IERvIHlvdSB0aGluayBpdCB3b3VsZCBiZSB1c2VmdWwgdG8gYWN0dWFs bHkgaGF2ZSBzdWNoIGEgZmxhZyBhcyBhbg0KPiBvcHRpb24gKD09IHNob3VsZCBJIHRyeSB0byBk byBpdCBpbiBwcm9wZXIgd2F5IGFuZCB1cHN0cmVhbSBpdCk/DQoNClRoaXMgaXMgYW4gaW50ZXJl c3RpbmcgaWRlYS4gSSB3b3VsZCBoYXZlIHRvIHRoaW5rIG1vcmUgYWJvdXQgd2hhdCB0aGUNCnBy by9jb25zIGFyZSBvZiBzaWduaW5nIGFmdGVyIGVhY2ggYnVpbGQgaW5zdGVhZCBvZiByZS1zaWdu aW5nIGl0IGFsbCBhdA0KdGhlIGVuZCwgYnV0IGl0IHNlZW1zIHdvcnRod2hpbGUgdG8gbWUgb2Zm IHRoZSB0b3Agb2YgbXkgaGVhZC4NCg0KTWF4