[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: https for apt to prevent man in middle transparent proxy mirror attacks?

On Wed, Jun 09, 2004 at 06:44:42AM -0700, Karl Hegbloom wrote:

> I think that Debian should have it's own internal PKI, and server keys

It already has. I believe the version of apt in experimental can verify
the authenticity of the packages it downloaded for you.

> validated by a third party?  At the bank, when they empty the teller
> machine, they send two people to do it.  They call this "double
> custody".  It's thought that two individuals are less likely to form a
> Government and corporate users who are somewhat paranoid can set up a
> quarantine mirror, mirror only source packages, and set up a build

Be reasonable. Debian is a software distribution for the general public.
It is not a bank, it is not specifically targetted to government or
corporate users. Lets first deal with the problem of making it secure
enough for the general public.

> Perhaps uploading of binary packages should be done away with
> altogether, and all packages should be built on known secure servers by
> a build daemon?  It's easier to verify the source code and patches than

Almost noone is going to verify all the source code they are going to
run on their systems. If they don't, then binaries are just as safe as
source code, so lets forget about that.

> I'm not going to GNU-pg sign this since we aren't sure if I'm really who
> I say I am anyhow... and what I've said is likely valid no matter who I
> really am.  (Or who I think I am.)

If your PGP key was signed by trustworthy people there could be a trust
path from me to your key, and then I'd know who you are. Even if your
key wasn't signed by anyone, I could look at your signature and
determine if follow up messages have been sent by the same person.

Met vriendelijke groet / with kind regards,
    Guus Sliepen <guus@sliepen.eu.org>

Attachment: signature.asc
Description: Digital signature

Reply to: