[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: APT public key updates?

On Thu, Jan 05, 2006 at 11:15:08PM -0800, Thomas Bushnell BSG wrote:

> >> If the key is compromised, which is the only way the non-expiring key
> >> method can be broken, then the expiring key doesn't seem to be
> >> offering all that much additional security.  

> > Indeed it doesn't.  Ideally, if the previous key has been compromised, users
> > would be verifying the integrity of the new key using other signatures; but
> > in the worst case, verifying using the signature from the previous key (if
> > they're disconnected from the web of trust) is no worse than not being able
> > to verify it at all.

> I think I now understand better, and I can better express the
> uncertainty I was groping at.  A key is only as good as the keys that
> sign it.  The reason for rotating the key is that there is some
> non-zero risk that it will be compromised, and this limits exposure.
> But in order to validate the new key, which is only as good as its
> signatures, I must rely on whatever signs the new key.

> I trust AJ.  So I trust AJ to sign the new key correctly.  Surely, it
> seems to me, the risk of AJ allowing his own key to be compromised is
> just about the same as the risk of his allowing the archive key to be
> compromised.  What am I missing?

The exposure of the archive key is higher, because it sits on an
Internet-connected, ssh-accessible server.  Also, you don't have to trust
AJ's key; in contrast with Florian's assessment of the NM-suitability of the
three ftpmasters, one ftp assistant, and one RM who have signed this key so
far :), I would encourage you to log into merkel and verify, directly and
securely, the key at /org/ftp.debian.org/web/ziyi_key_2006.asc; sign it; and
upload your signature to the public keyservers as well, if you are satisfied
that this is the key that is being used on ftp-master.debian.org to sign the

You should *only* do this if you're satisfied that the presence of this file
in the mirror on merkel is adequate evidence that it's the same key in use
on ftp-master.  So trusting that the ssh host key of merkel is authentic,
trusting that someone hasn't compromised both merkel and your network
(pushing matching, invalid keys to you via merkel and a MITM of
http://ftp-master.debian.org), and trusting that the propagation from
ftp-master to merkel is secure.

Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
vorlon@debian.org                                   http://www.debian.org/

Attachment: signature.asc
Description: Digital signature

Reply to: