Re: xz backdoor

To: debian-devel@lists.debian.org
Subject: Re: xz backdoor
From: Arto Jantunen <viiru@debian.org>
Date: Sun, 31 Mar 2024 22:23:10 +0300
Message-id: <[🔎] 87le5yb3z5.fsf@iki.fi>
In-reply-to: <[🔎] 5094215.LvFx2qVVIh@turnagra> (Didier Raboud's message of "Sun, 31 Mar 2024 21:09:07 +0200")
References: <[🔎] 87a5mgkcn4.fsf@hope.eyrie.org> <[🔎] ZglFV8AaD7nqtjuk@teal.hq.k1024.org> <[🔎] 87frw6y3jm.fsf@daath.pimeys.fr> <[🔎] 5094215.LvFx2qVVIh@turnagra>

Didier 'OdyX' Raboud <odyx@debian.org> writes:

> Le dimanche, 31 mars 2024, 14.37:08 h CEST Pierre-Elliott Bécue a écrit :
>> I would object against creating a PGP key on the HSM itself. Not having
>> the proper control on the key is room for disaster as soon as you lose
>> it or it dies.
>
> For subkeys, isn't that a benefit rather than a disadvantage?
>
> You lose the key, or it gets destroyed / unusable; good, you get a new subkey 
> instead of reusing the existing one on a different HSM.

For the authentication and signing subkeys this is indeed true. For the
encryption subkey significantly less so (as things encrypted against
that key then become impossible to decrypt).

Personally I have generated the signing and authentication subkeys on
the HSM itself (and thus at least in theory they cannot leave the HSM),
and the encryption subkey I have generated on an airgapped system and
stored on the HSM after making a couple of backups.

-- 
Arto Jantunen

Reply to:

References:
- Re: xz backdoor
  - From: Russ Allbery <rra@debian.org>
- Re: xz backdoor
  - From: Iustin Pop <iustin@debian.org>
- Re: xz backdoor
  - From: Pierre-Elliott Bécue <peb@debian.org>
- Re: xz backdoor
  - From: Didier 'OdyX' Raboud <odyx@debian.org>

Prev by Date: Re: xz backdoor
Next by Date: Re: xz backdoor
Previous by thread: Re: xz backdoor
Next by thread: Re: xz backdoor
Index(es):
- Date
- Thread