Re: Salsa update: no more "-guest" and more
Paride Legovini <paride@debian.org> writes:
> It's still one static shared secret you need to enter every time. If it
> gets stolen, because your browser or your computer is compromised, or in
> a MITM attack where the attacker gained access to a valid certificate
> for salsa.debian.org [1,2], your account is gone. It gets much, much
> more difficult with 2FA.
If we're concerned about CA attacks on debian.org servers, it's worth
noting that (a) most of us run Debian for obvious reasons, and (b) the
entire *point* of Debian is to safely and securely put configuration onto
all of our machines, which together mean that implementing certificate
pinning for our own infrastructure is entirely doable.
--
Russ Allbery (rra@debian.org) <https://www.eyrie.org/~eagle/>