[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch
From: |
Karel Gardas |
Subject: |
Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch |
Date: |
Sun, 7 Dec 2003 22:48:21 +0100 (CET) |
On Mon, 8 Dec 2003, Robert Collins wrote:
> On Mon, 2003-12-08 at 08:12, Karel Gardas wrote:
> > > `get' doesn't check signatures in this proposal. My reasoning is that
> > > while the archive host is going to have public keys (somewhere outside
> > > of where arch itself can touch them) clients running `get' generally
> > > won't.
> >
> > Oops, either I don't understand, or if I understand, that's IMHO no
> > security at all. IMHO get _needs_ to verify signatures.
>
> The immediate goal for GPG support, is to allow archive integrity checks
> post-server-compromise - see the message from RMS in Tom's post.
>
> Thus, having tla get check the signatures is orthogonal to the immediate
> goal.
>
> That said, having get check the signatures makes sense as a phase 2
> implementation.
>
> For users wanting to gpg check in phase 1, it's easy: archive-mirror to
> the local disk, with copying signatures enabled. Then run the integrity
> checking script tom proposed.
Aha, now I understand, you are talking about support for signatures on
commit, etc. (i.e. pushing something into the archive) and avoiding any
support for sigs. verification when the changeset is used. Yes, whole
archive verification is quite easy scripting work...
In fact, during my thinking about the topic I came with reverse idea:
verify signatures on get/etc. but sign changesets manually directly in
archive + push-mirror change to push dump-copy of sign files.
Karel
--
Karel Gardas address@hidden
ObjectSecurity Ltd. http://www.objectsecurity.com
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, (continued)
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Karel Gardas, 2003/12/07
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Robert Collins, 2003/12/07
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Karel Gardas, 2003/12/08
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Robert Collins, 2003/12/08
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Karel Gardas, 2003/12/08
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Tom Mraz, 2003/12/08
Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Karel Gardas, 2003/12/07
Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, Andrew Suffield, 2003/12/08
Re: [Gnu-arch-users] crypto sigs and _Encryption_ for arch, Paul Hedderly, 2003/12/09
crypto signatures for arch/another proposal [was: Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch], Karel Gardas, 2003/12/07
- Re: crypto signatures for arch/another proposal [was: Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch], Robert Collins, 2003/12/07
- Re: crypto signatures for arch/another proposal [was: Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch], Karel Gardas, 2003/12/07
- Re: crypto signatures for arch/another proposal [was: Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch], Karel Gardas, 2003/12/07
- Re: crypto signatures for arch/another proposal [was: Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch], Robert Collins, 2003/12/07
- Re: crypto signatures for arch/another proposal [was: Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch], Karel Gardas, 2003/12/08