Cryptographically signed releases

Marc Lehmann schmorp at schmorp.de
Sun Jan 5 04:17:46 CET 2014


On Sat, Jan 04, 2014 at 02:46:45PM +0100, Alexander Huemer <alexander.huemer at xx.vu> wrote:
> Well, data in a https connection cannot be trivially exchanged with 
> something else without having the key.
> In my opinion that would be the whole point, to prevent trivial attacks.

Trivial attacks such as man-in-the-middle attacks on specific targets?

> > I think for anybody who didn't live under a rock for the last two years
> > (security-wise), it should be obvious that this isn't true - you don't
> > have to be a government agency to get fake certificates at all.
> 
> That's correct, but not the point.

I think that is very well the point.

> > Which, in itself, isn't that helpful (nobody is interested whether the
> > file is modified or not, people are interested in whether the contents are
> > harmful or not).
> 
> Of course I want to know whether the file I downloaded was modified 
> during download.

And why would that be? As long as it does as advertised (what I meant with
"not harmful"), why would you care? For example, what if I had a proxy
that modified the files to add a signature or timestamp, why would you
care?

Honestly, I can't imagine why the _modification_ part bothers you, as
opposed to the _effects of such a modification_.

> > (What is a distributive developer?)
> 
> I am pretty sure what he meant is a package maintainer of a linux 
> distribution.

That makes sense, thanks. I am not sure why that would make a difference
though - I publish my software for everybody, not specifically distro
maintainers.

> > I don't think it is particularly convincing to say that using https is
> > always a good idea because you prefer it :)
> 
> It is generally a good idea. Or do you have any examples of negative 
> effects of its usage?

It often makes sites very hard to access, especially on browsers like
firefox, who are less interested in security and more into making money
for CAs.

And obviously it's extra effort, as I mentioned in my first reply that you
somehow missed.

> > Interesting, nice to know (but I don't trust any CAs except my own).
> 
> Yes, there is absolutely no point in trusting some random company.

Which is what https relies on to avoid the "trivial" modification attacks.

-- 
                The choice of a       Deliantra, the free code+content MORPG
      -----==-     _GNU_              http://www.deliantra.net
      ----==-- _       generation
      ---==---(_)__  __ ____  __      Marc Lehmann
      --==---/ / _ \/ // /\ \/ /      schmorp at schmorp.de
      -=====/_/_//_/\_,_/ /_/\_\




More information about the rxvt-unicode mailing list