On Mon, Jan 09, 2006 at 04:03:41PM +1300, Nick Phillips wrote: > On Fri, Jan 06, 2006 at 04:04:56AM -0800, Steve Langasek wrote: > > far :), I would encourage you to log into merkel and verify, directly and > > securely, the key at /org/ftp.debian.org/web/ziyi_key_2006.asc; sign it; and > > upload your signature to the public keyservers as well, if you are satisfied > > that this is the key that is being used on ftp-master.debian.org to sign the > > archive. > > You should *only* do this if you're satisfied that the presence of this file > > in the mirror on merkel is adequate evidence that it's the same key in use > > on ftp-master. So trusting that the ssh host key of merkel is authentic, > > trusting that someone hasn't compromised both merkel and your network > > (pushing matching, invalid keys to you via merkel and a MITM of > > http://ftp-master.debian.org), and trusting that the propagation from > > ftp-master to merkel is secure. > Do we make a habit of asking ftpmasters to bring the archive keys > along to keysignings? How many ftpmasters would we want to stand up > and tell us that they key in question really is the one that is used > to sign the archives before we should agree to sign it?... From a web-of-trust standpoint, this means that, rather than giving others the opportunity to decide for themselves whether they trust the ftpmaster in question, you're making this decision on their behalf. So the true paranoid answer here is "all of them", as that's the only defense against one or more of the ftpmasters trying to fake their own key in a way that the other ftpmasters don't notice right away. :) OTOH, if you're happy to ignore this argument, then one ftpmaster standing up should be plenty; and shorter transitive trust paths are definitely to the community's advantage here. (That's basically why I sign the archive keys myself instead of just letting everyone trust the ftpmasters' signatures, after all -- there are people who are a short hop away from my key in the web of trust that may have farther to go to reach an ftpmaster, and vice versa.) This does seem largely equivalent to logging into merkel and checking the file there, anyway; you're trading "merkel is compromised and no one knows it" for "an ftpmaster is compromised and no one knows it" as the weakness of the check. For bonus security, it'd be nice if any DD who checked the fingerprint from an ftpmaster in person would also grab the key from merkel. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. vorlon@debian.org http://www.debian.org/
Attachment:
signature.asc
Description: Digital signature