by raesene5 4155 days ago
That's interesting. Any pointers to package stores that do a better job on security? I'm researching the area a bit at the moment and I've not seen a lot of good practice out there, so it would be interesting to have some good examples to hold up.
2 comments

Fedora and RHEL have had mandatory signing since before either existed (back when it was RHL).

Debian has had what we'd call 'EV' level security these days for about 15 years - people bringing their passports in and reading out their GPG public keys at LUGs.

We haven't developed far enough for a package store at this point, but this is one of the use cases we're hoping to explore as part of our capability-based shell scripting language: shill-lang.org.
Cool. If you're looking for thoughts about threat models and ways to do it, http://theupdateframework.com/index.html seems to have some good info.