Re: Revival of the signed debs discussion
Matthias Urlichs <firstname.lastname@example.org> writes:
> Werner Koch:
> > There are some minor problems because we don't just sign a hash but
> > need to add some more data. Creating an incomplete hash on the remote
> > machine is not the cleanest solution, so I have to come up with a
> > better way.
> You're the GPG expert...
> I'm also a bit concerned about MitM attacks; the hash-or-whatever which
> the local side is supposed to sign should probably be encrypted with the
> signer's public key, otherwise I can just replace the data packet with
> something that ends up signing a totally different file. :-/
> In other words, doing this isn't trivial.
Assume you have a secure connection. A ssh connection will be more
secure than the mail being send around now. Anyone could do a MitM
attack on the changes files being mailed, get his own packages changes
file signed, upload the debs and hope noone notices the build didn't
actually upload its deb.
Encrypting the digest with the public key before sending would only
ensure only the recipient can read it, which is rather pointless for
pretty random bits. You could encrypt or sign it with the buildds gpg
key to ensure the origin of the message. Anything short of a
compromised buildd would be save and a compromised buildd would be
fatal whatever method is used.