[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Salsa update: no more "-guest" and more

Paride Legovini <paride@debian.org> writes:

> It's still one static shared secret you need to enter every time. If it
> gets stolen, because your browser or your computer is compromised, or in
> a MITM attack where the attacker gained access to a valid certificate
> for salsa.debian.org [1,2], your account is gone. It gets much, much
> more difficult with 2FA.

If we're concerned about CA attacks on debian.org servers, it's worth
noting that (a) most of us run Debian for obvious reasons, and (b) the
entire *point* of Debian is to safely and securely put configuration onto
all of our machines, which together mean that implementing certificate
pinning for our own infrastructure is entirely doable.

Russ Allbery (rra@debian.org)              <https://www.eyrie.org/~eagle/>

Reply to: