Re: Revival of the signed debs discussion

To: Matthias Urlichs <smurf@smurf.noris.de>
Cc: Werner Koch <wk@gnupg.org>, debian-devel@lists.debian.org
Subject: Re: Revival of the signed debs discussion
From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
Date: 03 Dec 2003 14:42:47 +0100
Message-id: <[🔎] 87zneadnl4.fsf@mrvn.homelinux.org>
In-reply-to: <[🔎] 20031203122602.GA2549@play.smurf.noris.de>
References: <[🔎] 8765h0mzk1.fsf@mrvn.homelinux.org> <[🔎] 1070384670.5053.14.camel@worldmusic.grep.be> <[🔎] 20031202184220.GA23655@khazad-dum.debian.net> <[🔎] pan.2003.12.02.21.16.29.11062@smurf.noris.de> <[🔎] 20031203104109.GB30785@grep.be> <[🔎] 20031203110809.GA29957@play.smurf.noris.de> <[🔎] 87iskynm0b.fsf@alberti.g10code.de> <[🔎] 20031203122602.GA2549@play.smurf.noris.de>

Matthias Urlichs <smurf@smurf.noris.de> writes:

> Hi,
> 
> Werner Koch:
> > There are some minor problems because we don't just sign a hash but
> > need to add some more data.  Creating an incomplete hash on the remote
> > machine is not the cleanest solution, so I have to come up with a
> > better way.
> > 
> You're the GPG expert...
> 
> 
> I'm also a bit concerned about MitM attacks; the hash-or-whatever which
> the local side is supposed to sign should probably be encrypted with the
> signer's public key, otherwise I can just replace the data packet with
> something that ends up signing a totally different file. :-/
> 
> In other words, doing this isn't trivial.

Assume you have a secure connection. A ssh connection will be more
secure than the mail being send around now. Anyone could do a MitM
attack on the changes files being mailed, get his own packages changes
file signed, upload the debs and hope noone notices the build didn't
actually upload its deb.

Encrypting the digest with the public key before sending would only
ensure only the recipient can read it, which is rather pointless for
pretty random bits. You could encrypt or sign it with the buildds gpg
key to ensure the origin of the message. Anything short of a
compromised buildd would be save and a compromised buildd would be
fatal whatever method is used.

MfG
        Goswin

Reply to:

References:
- Revival of the signed debs discussion
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
- Re: Revival of the signed debs discussion
  - From: Wouter Verhelst <wouter@grep.be>
- Re: Revival of the signed debs discussion
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: Revival of the signed debs discussion
  - From: Matthias Urlichs <smurf@smurf.noris.de>
- Re: Revival of the signed debs discussion
  - From: Wouter Verhelst <wouter@grep.be>
- Re: Revival of the signed debs discussion
  - From: Matthias Urlichs <smurf@smurf.noris.de>
- Re: Revival of the signed debs discussion
  - From: Werner Koch <wk@gnupg.org>
- Re: Revival of the signed debs discussion
  - From: Matthias Urlichs <smurf@smurf.noris.de>

Prev by Date: Re: OT: Smartcards and Physical Security [Was: Re: Backport of the integer overflow in the brk system call]
Next by Date: Re: configuring lilo on package installation
Previous by thread: Re: Revival of the signed debs discussion
Next by thread: Re: Revival of the signed debs discussion
Index(es):
- Date
- Thread