[00:01] <bigjools> is it my imagination or does http://archive.ubuntu.com/ubuntu/dists/saucy/main/uefi/ not have any checksum files...
[00:04] <wgrant> bigjools: uefi custom uploads are only there for secure boot signing
[00:04] <bigjools> I know ...
[00:04] <wgrant> So for security purposes the checksums aren't necessary
[00:06] <wgrant> Does MAAS need to reliably sync them?
[00:06] <bigjools> yes
[00:06] <wgrant> We could add an index if someone actually has a valid use for it, I suppose.
[00:07] <bigjools> we verify other boot-related files that are downloaded from there
[00:07] <bigjools> seems odd that they are not checksummed too
[00:08] <wgrant> We wanted the initial implementation to be as small as possible while still being functional, in case the format needed changes. If we'd added an index at the start, things would have relied on it and it would have been impossible to fix a mistake later. But now we know that what we have works, so it may be more reasonable to add it.
[00:09] <bigjools> ok
[00:10] <bigjools> maas needs to netboot uefi systems so there's a patch going into maas trusty RSN
[00:11] <wgrant> Can you file a bug? We'll want to discuss it with Foundations.
[00:19] <bigjools> sure
[00:24] <bigjools> https://bugs.launchpad.net/launchpad/+bug/1285919
[00:24] <_mup_> Bug #1285919: uefi archive files don't have signed checksums <Launchpad itself:New> <https://launchpad.net/bugs/1285919>
[00:27] <wgrant> cjwatson: Did you put much thought into this when you did the initial implementation?
[10:14] <cjwatson> bigjools: Why does MAAS need to look in that directory at all?  It's mainly there so that we can fetch from it in the grub2-signed source package's build process, which bundles the result into a .deb.
[10:15] <cjwatson> bigjools: Any code outside of those implementation details should be using the .debs.
[10:15] <cjwatson> (Which isn't to say we shouldn't establish an index; but you should not be using it in MAAS anyway ...)
[10:16] <cjwatson> wgrant: ^-