Re: Bug#707006: [nikcub@gmail.com: Live CD keys missing from key server]

To: Jonathan McDowell <noodles@earth.li>
Cc: 707006@bugs.debian.org, debian-live@lists.debian.org
Subject: Re: Bug#707006: [nikcub@gmail.com: Live CD keys missing from key server]
From: Evgeny Kapun <abacabadabacaba@gmail.com>
Date: Sun, 06 Apr 2014 04:34:00 +0400
Message-id: <[🔎] 5340A0F8.2020300@gmail.com>
In-reply-to: <[🔎] 20140406000221.GL24850@earth.li>
References: <E1WREr3-0005Kr-RI@mail.einval.com> <[🔎] 20140402034525.GO24850@earth.li> <[🔎] 533C5E92.6030801@gmail.com> <[🔎] 20140402205016.GR24850@earth.li> <[🔎] 533CCB14.6050709@gmail.com> <[🔎] 20140406000221.GL24850@earth.li>

06.04.2014 04:02, Jonathan McDowell wrote:
> You're making an assumption that the key on the filesystem at
> /usr/share/keyrings/debian-role-keys.gpg is the right one, which relies
> on a whole extra chain of trust which I referred to above.

If the keys are in /usr/share/keyrings/debian-role-keys.gpg, their authenticity is verified by APT during installation. If the user doesn't trust the verification performed by APT, he should not trust the system anyway. Therefore, the user can generally trust the keys in /usr/share/keyrings/debian-role-keys.gpg without any additional verification.

By the way, GPG makes it rather nontrivial to securely verify a trust path from key A to key B without marking the key A as trusted. For example, there is no option to print a fingerprint of a key which is used to sign a given key, and matching keys by ID is not secure, since an attacker can forge a key with the same ID as that of a legitimate key.

Reply to:

References:
- Re: [nikcub@gmail.com: Live CD keys missing from key server]
  - From: Jonathan McDowell <noodles@earth.li>
- Re: Bug#707006: [nikcub@gmail.com: Live CD keys missing from key server]
  - From: Evgeny Kapun <abacabadabacaba@gmail.com>
- Re: Bug#707006: [nikcub@gmail.com: Live CD keys missing from key server]
  - From: Jonathan McDowell <noodles@earth.li>
- Re: Bug#707006: [nikcub@gmail.com: Live CD keys missing from key server]
  - From: Evgeny Kapun <abacabadabacaba@gmail.com>
- Re: Bug#707006: [nikcub@gmail.com: Live CD keys missing from key server]
  - From: Jonathan McDowell <noodles@earth.li>

Prev by Date: Re: Bug#707006: [nikcub@gmail.com: Live CD keys missing from key server]
Next by Date: Re: nicer option for enabling persistence than hexediting isolinux/live.cfg?
Previous by thread: Re: Bug#707006: [nikcub@gmail.com: Live CD keys missing from key server]
Next by thread: Live system's /etc/inittab
Index(es):
- Date
- Thread