Gentoo Archives: gentoo-dev

From: Joshua Brindle <method@g.o>
To: John Nilsson <john@×××××××.nu>
Cc: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] Redux: 2004.1 will not include a secure portage.
Date: Tue, 30 Mar 2004 00:03:58
Message-Id: 4068B950.7050502@gentoo.org
In Reply to: Re: [gentoo-dev] Redux: 2004.1 will not include a secure portage. by John Nilsson
This thread is getting way 'out there'. No one ever said that GPG signing
is the end-all in security, no one ever said that it's the perfect method
of protection, what we did say is that it's *a lot* better than what we
have now.
I wish that people would stop coming up with obscure holes in the
signing model, there is no way around them but this is a far greater
amount of protection than we have now.
The key to security is layers, we implement as many layers of security
as possible to prevent compromises but there is obviously a huge human
element that we can't 'fix'. The obscure ways of defeating the model
should not stop us from implementing it, and it won't, so let's try to
keep our eyes on the goal and not get drawn off by non-productive
distractions.

Joshua Brindle

John Nilsson wrote:

> You have to trust the device that you interface with in any case. If the
> computer is compromised, how do you know that the message you pipe
> through for signing is the same as on the screen?
>
> -John
>
> On Mon, 2004-03-29 at 10:47, Paul de Vrieze wrote:
>
> On Sunday 28 March 2004 18:39, Sami Näätänen wrote:
>
>
>>To do what?
>
>>The master key will not be present there.
>>And if you don't provide those keys that are in the card the keys you
>>make with the trojaned machine can't be validated with the master
>>public key.
>
> That would only work if the external device actually performs the
> signing. Not when the key itself is readable by the computer the device
> is inserted in. I don't know if it would be possible to acquire such a
> device although they probably exist.
>
> Paul
>

--
gentoo-dev@g.o mailing list

Replies

Subject Author
Re: [gentoo-dev] Redux: 2004.1 will not include a secure portage. John Nilsson <john@×××××××.nu>