Re: Why use pgp?

To: debian-user@lists.debian.org
Subject: Re: Why use pgp?
From: jdassen@wi.leidenuniv.nl
Date: Fri, 9 Jan 1998 09:58:38 +0100
Message-id: <[🔎] 19980109095838.44741@wi.leidenuniv.nl>
In-reply-to: <[🔎] 34B5E35A.83EB583@reallycool.com>; from Dan Hugo on Fri, Jan 09, 1998 at 12:44:10AM -0800
References: <[🔎] Pine.LNX.3.95q.980109025734.4391D-100000@rivendell.rdny.udel.edu> <[🔎] 34B5E35A.83EB583@reallycool.com>

On Fri, Jan 09, 1998 at 12:44:10AM -0800, Dan Hugo wrote:
> Will Lowe wrote:
> > Well,  we use it to sign other things.  Like,  for example,  when I
> > upload a new debian package,  I sign it so that the people who run
> > ftp.debian.org (and eventually you) know that that package really came
> > from me -- I put my name on it,  so I'd like to make sure noone's
> > releasing stuff under my name without my authorization.  By the same
> > token,  you'd like to make sure that I'm the person who did it,  so that
> > if there's a bug,  or if it releases some horrible plague on your
> > computer,  you can get ahold of me.
> > :)
> 
> Something that might be less obvious is the fact that signing a message
> not only authenticates the author (assuming your signature, or public
> key, is available for someone to use for this purpose) of a message or
> piece of code, but it also allows one to authenicate the content of the
> message or code.

This too is used by the developers: when packages are uploaded to
master.debian.org, they are accompanied by PGP-signed .changes files; the
.changes files contain MD5 checksums of the uploaded files. Before packages
are moved to the location where ftp.debian.org and other mirrors pick them
up, their integrity is checked (first check the PGP signature, then 
compute the checksum on the files, and verify that they match those in the
(now authenticated) .changes file).

This way, even if a developer's account on master is cracked, or a package
is uploaded anonymously (e.g. from chiark), a malicious person cannot
introduce a malicious package into the distribution.

> If I recall correctly, there are cases where one shouldn't sign something.
> If I can remember any, I'll post 'em...

IIRC, you should'nt sign literal data received from somebody else, as that
can be used in an attack to gain information about your private key.

Greetings,
Ray
-- 
LEADERSHIP  A form of self-preservation exhibited by people with auto-
destructive imaginations in order to ensure that when it comes to the crunch 
it'll be someone else's bones which go crack and not their own.       
- The Hipcrime Vocab by Chad C. Mulligan    

--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

References:
- Re: Why use pgp?
  - From: Will Lowe <harpo@udel.edu>
- Re: Why use pgp?
  - From: Dan Hugo <dhugo@reallycool.com>

Prev by Date: Debian and the MANPATH variable
Next by Date: Re: XINETD don't start
Previous by thread: Re: Why use pgp?
Next by thread: Re: Why use pgp?
Index(es):
- Date
- Thread