
Bug#810381: debian-policy: Update wording of 5.6.26 VCS-* fields to reflect the need for security



Jonathan Nieder <jrnieder@gmail.com> writes:

>  C. You have transport-level integrity protection, e.g. by using a
>     protocol like https:// or ssh:// with proper PKI.

I think it's worth being honest with ourselves here that the proper PKI
part is not really happening with the Vcs-Git field (or Vcs-Browser for
that matter) in normal usage in the context of Debian packages and random
remote hosts.

The bar to the attacker is not zero when https with normal public CAs is
in use, but it's not very high.

I'm fine with including integrity protection in the protocol description
anyway, but hopefully no one will think that it implies that https is
providing strong authentication of the Git server here.  There's non-zero
authentication, but it's pretty weak.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

