Re: Bug#499897: preventing replay attacks against the security archive

To: "Eugene V. Lyubimkin" <jackyf.devel@gmail.com>
Cc: Thijs Kinkhorst <thijs@debian.org>, Peter Palfrader <weasel@debian.org>, Philipp Kern <pkern@debian.org>, 499897@bugs.debian.org, team@security.debian.org, deity@lists.debian.org, Michael Vogt <mvo@debian.org>
Subject: Re: Bug#499897: preventing replay attacks against the security archive
From: Florian Weimer <fw@deneb.enyo.de>
Date: Mon, 24 Nov 2008 12:20:59 +0100
Message-id: <[🔎] 87y6z9pdyc.fsf@mid.deneb.enyo.de>
In-reply-to: <[🔎] 492A8C79.4060009@gmail.com> (Eugene V. Lyubimkin's message of "Mon, 24 Nov 2008 13:14:01 +0200")
References: <200809240804.34689.thijs@debian.org> <87y71gqpri.fsf@delenn.ganneff.de> <20080925164820.GA20313@durotan.0x539.de> <200809252212.31938.thijs@debian.org> <20080925213150.GF15136@anguilla.noreply.org> <5424e003e946d9d52abb5aaaf485cd6f.squirrel@wm.kinkhorst.nl> <[🔎] 87ljvauqod.fsf@vorlon.ganneff.de> <[🔎] 4929C9FE.2050102@gmail.com> <[🔎] 87fxlh1otr.fsf@mid.deneb.enyo.de> <[🔎] 492A8C79.4060009@gmail.com>

* Eugene V. Lyubimkin:

>> If it uses the real-time clock, it doesn't fix the issue because our
>> users typically haven't got a secure time source.

> Yes, it does. I doubt that apt has something else that can be
> treated as more secure (time?) source.

At the very least, apt could check that the signature (or the
Valid-Until field) does not go back in time.  However, this has
serious potential for shooting is in our collective feet (think what
happens if we accidentally publish something Valid-Until 2038), so I'm
not sure if it's acceptable.

Reply to:

References:
- Re: Bug#499897: preventing replay attacks against the security archive
  - From: Joerg Jaspert <joerg@debian.org>
- Re: Bug#499897: preventing replay attacks against the security archive
  - From: "Eugene V. Lyubimkin" <jackyf.devel@gmail.com>
- Re: Bug#499897: preventing replay attacks against the security archive
  - From: Florian Weimer <fw@deneb.enyo.de>
- Re: Bug#499897: preventing replay attacks against the security archive
  - From: "Eugene V. Lyubimkin" <jackyf.devel@gmail.com>

Prev by Date: Re: Bug#499897: preventing replay attacks against the security archive
Next by Date: Processed: forcibly merging 355284 394619
Previous by thread: Re: Bug#499897: preventing replay attacks against the security archive
Next by thread: Re: Bug#499897: preventing replay attacks against the security archive
Index(es):
- Date
- Thread