[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: fingerprint of the archive signing key

also sprach Andrew Suffield <asuffield@debian.org> [2004.06.29.0250 +0200]:
> SSL adds approximately zero security unless you validate the
> server certificate. I bet you've never done that in your life for
> https.

Of course not; I am also stupid. Just so you know.

Gosh, I love the Debian developer attitude.

> The "Official CAs" are so insecure they are a joke.

I am not claiming that they provide ultimate solutions, nor am
I claiming this to be a flawless approach. Security is about making it
difficult, and SSL just adds another layer. If you don't get that,
then go and play in the sandbox. While I certainly don't trust CAs
like VeriSign among others, I can, for instance, only speak
positively of the Trustcenter Level 3 and Level 4 certificates. Say
what you want, but those things are not easy to get.

So it sucks that the CAs from the fast food country will issue CAs
within minutes and screw the reputation of all the others. Fact is
that SSL is quite secure if done right, and yes, lo and behold,
there are still companies out there that value quality over money
and market share. These are probably not to be found in credit card
country though.

> I bet you don't have a secure path to trust them.

Yes, in fact, for Trustcenter I do.

> And you shouldn't trust them even if they did; they'll hand out
> a certificate to anybody. Their purpose is to provide a comfort
> blanket to stupid people so that they don't feel scared about
> handing their credit card number over as blithely on the internet
> as they do in most shops.

Apparently you haven't made it outside of the consumer Internet yet.

> Trying to secure a credit card transaction online is a waste of
> time; credit cards are inherantly insecure. *Nobody tries*. They
> just put up a convincing simulation to stop people giving them
> flak over "security". Trying to leverage this infrastructure to
> provide real security is futile, because it was not designed to
> have any.

So what does this have to do with my proposal to provide an
authentication mechanism for our archive signing key?

Or should Debian just continue to be second-grade when it comes to

Please do not CC me when replying to lists; I read them!
 .''`.     martin f. krafft <madduck@debian.org>
: :'  :    proud Debian developer, admin, and user
`. `'`
  `-  Debian - when you have better things to do than fixing a system
Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!

Attachment: signature.asc
Description: Digital signature

Reply to: