Re: Compiling gnat into gcc-2.8.0

[kilgallen@eisner.decus.org (Larry Kilgallen)]

In article <m3yayxgl71.fsf@fred.muc.de>, Andi Kleen <ak@muc.de> writes:
> dewar@merv.cs.nyu.edu (Robert Dewar) writes:
> 
>> 
>> There is of course no technical basis for such a claim. It probably stems
>> from the concern that if the sources are available, then anyone can modify
>> them. This is of course true, and there is no doubt that getting a version
>> of GNAT that has been modified by person or persons unknown, or may have
>> been modified in such a way, is potentially risky. We always warn people
>> that one of the issues in using the public version is that there is no
>> guarantee that we can provide that what you get corresponds to what we
>> initially distributed. It is most unlikely that anyone would have tampered
>> with the public distribution, but it is entirely out of our control.
> 
> One way around this would be if ACT would publish PGP signatures of the
> binary and source tar balls of the public gnat releases. Of course there
> is still a lower risk that someone changes the signatures, but assuming
> the web of trust works and that the signatures are widely published (e.g.
> posted to Usenet etc.) this is a rather save choice.

If I were an ACT customer, I would prefer the first priority be to sign
CDROms distributed to paying customers (or is that done already?).

Some of the paranoid would want the signature to be hierarchy-based
and tied to a root from GTE or Verisign rather than the "Web of Trust"
method of PGP.  The nice thing about digital signatures, however, is that
you can sign the same thing several times to satisfy various constituencies.

Larry Kilgallen