--- xml/htdocs/proj/en/glep/glep-0057.html 2008/10/22 18:03:40 1.2 +++ xml/htdocs/proj/en/glep/glep-0057.html 2008/10/28 07:47:52 1.3 @@ -27,9 +27,9 @@
Both processes need their security improved. In [GLEPxx+2] we will discuss +
Both processes need their security improved. In [#GLEPxx+2] we will discuss how to improve the security of the first process. The relatively speaking simpler process of file distribution will be described in -[GLEPxx+1]. Since it can be implemented without having to change the +[#GLEP58]. Since it can be implemented without having to change the workflow and behaviour of developers we hope to get it done in a reasonably short timeframe.@@ -207,7 +209,7 @@ fully authorized to provide materials for distribution. Partial protection can be gained by Portage and Infrastructure changes, but the real improvements needed are developer education and continued -vigilance. This is further discussed in [GLEPxx+2]. +vigilance. This is further discussed in [#GLEPxx+2].
This security is still limited in scope - protection against compromised developers is very expensive, and even complex systems like peer review / multiple signatures can be broken by colluding developers. There are many @@ -220,7 +222,7 @@ that Gentoo infrastructure and the mirrors are not a weak point. This objective is actually much closer than it seems already - most of the work has been completed for other things!. This is further discussed in -[GLEP58]. As this process has the most to gain in security, and the +[#GLEP58]. As this process has the most to gain in security, and the most immediate impact, it should be implemented before or at the same time as any changes to process #1. Security at this layer is already available in the signed daily snapshots, but we can extend it to cover @@ -378,7 +380,7 @@
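Review bot: in the first hunk (@@ -27,9) the reference for the first process is still the placeholder [#GLEPxx+2], while the sibling placeholder [GLEPxx+1] two lines later is resolved to [#GLEP58]. The same placeholder is carried into the @@ -207,7 hunk ("This is further discussed in [#GLEPxx+2]."). If the added "#" marks a resolvable reference, a target with no assigned number cannot resolve. Either substitute the real GLEP number once it is assigned, or leave these two occurrences unprefixed until then so the dangling reference stays visible.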
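Review bot: in the @@ -220,7 hunk, the context line directly above the changed reference ends with doubled terminal punctuation ("completed for other things!."). Since this paragraph is already being touched for the [#GLEP58] change, drop one of the two marks in the same commit. The reference change itself matches the [#GLEP58] form introduced in the first hunk.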