1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA1 |
3 |
|
4 |
On Sunday 04 August 2002 18:55, Spider wrote: |
5 |
> Well, I was browsing around the other day checking into the |
6 |
> "behind the scenes" work of gnupg and keyservers when I |
7 |
> stumbled on this link.. |
8 |
> |
9 |
> |
10 |
> http://www.cryptnet.net/fdp/crypto/strong_distro.html |
11 |
|
12 |
i've just read it (though not very carefully). to me this looks |
13 |
like a description of the "usual" package signing procedure |
14 |
(based on asym/pubkey crypto). |
15 |
|
16 |
as a part of a semester thesis (thus do not take that stuff too |
17 |
seriously, ok? ;) i've developed such a package signing concept |
18 |
for portage and hacked a tiny prototype portage extension too. |
19 |
(btw. i've sent it to a couple of core devs once. that's when |
20 |
ryan told me about his package signing tool.) |
21 |
|
22 |
here's a quick overview of some concepts behind it: |
23 |
|
24 |
* usual package signing concept (asym crypto, pubkey instead of |
25 |
x509) |
26 |
* leverage as many of existing technologies as possible (portage, |
27 |
gnupg, web of trust). -> traditional open source/unix approach. |
28 |
* backwards compatibility (usage of the extension is optional) |
29 |
* should be as easy as possible to use for both users and core |
30 |
devs. reasonable defaults, but customizable. |
31 |
* ensure scalability of the gentoo development process (each core |
32 |
dev signs "his" ebuild submissions, no bottleneck) |
33 |
* security through a loosely coupled, modular design with a |
34 |
clearly defined interface to portage ("hooks" into portage). |
35 |
k-i-s-s -> traditional security approach. |
36 |
* fine-grained levels of trust through gnupg and most |
37 |
importantly: the user defines himself, whom he trusts or not. |
38 |
* no need to ship public keys. keys get fetched automatically |
39 |
from public key servers. "single point of failure" conscious. |
40 |
|
41 |
it comes down that trust (from the user's point of view) is |
42 |
required at the following places: |
43 |
|
44 |
* the user must trust the security of his own box |
45 |
* the user defines wether he trusts the authenticity of a core |
46 |
devs openpgp key. |
47 |
|
48 |
each core dev is responsible for the security of his own private |
49 |
key. however, if a key gets compromised, he can revoke it as |
50 |
usual etc. |
51 |
|
52 |
issues: |
53 |
|
54 |
* establishing a trusted key chain from the user to one or more |
55 |
valid keys in the core devs keyring. establishing trusted key |
56 |
chains between core devs. this is the common issue with the web |
57 |
of trust/open pgp in contrary to hierarchical, centralized trust |
58 |
models (well, there the same issue exists but at a place where |
59 |
the user usually does not notice it -> faked trust). see section |
60 |
iii.10 of the paper for possible "solutions". |
61 |
* integration with portage and its frontends. a good package |
62 |
signature verification process should/will require some user |
63 |
intervention which is opposite to the current batch processing |
64 |
concept of portage. if so, it has to be implemented in a way |
65 |
that allows frontends to handle it too. |
66 |
* _security_ of ebuilds, patches, tarballs etc. |
67 |
|
68 |
the first two issues are pretty tough stuff. the third one is |
69 |
minor, just to recall that trust != security (there will never |
70 |
be security, only trust_) |
71 |
|
72 |
i've implemented the prototype using procedural python (an oo |
73 |
approach would have been better) in a typical rad manner (code |
74 |
not fully functional, not optimized, ...) -> it is a |
75 |
proof-of-concept only and i _do not_ recommend to use it _any_ |
76 |
further. |
77 |
|
78 |
nevertheless i think that the concept behind it is fine. as it is |
79 |
basically a simple package signing concept based on open pgp |
80 |
(see section iii.10) it probably can not be improved much unless |
81 |
one takes a completely different approach (for example by mixing |
82 |
in some zero-knowledge-proof stuff ;). |
83 |
|
84 |
for those interested, the paper and the sources are available |
85 |
here: |
86 |
|
87 |
http://www.icu.unizh.ch/~mettlerd/semesterthesis/ |
88 |
|
89 |
in my view, implementing a mechanism to ensure the authenticity |
90 |
and integrity of the portage tree is crucial for gentoo's future |
91 |
(think of all the portage tree mirrors out there). however, |
92 |
it's not a trivial thing. |
93 |
|
94 |
regards |
95 |
|
96 |
dan |
97 |
|
98 |
- -- |
99 |
...::: Daniel Mettler | http://www.numlock.ch :::.... |
100 |
|
101 |
-----BEGIN PGP SIGNATURE----- |
102 |
Version: GnuPG v1.0.7 (GNU/Linux) |
103 |
|
104 |
iD8DBQE9UF39SLYjgrGjnWQRAk1jAJ9jWtJmG/KDyiq+rEZlK3YkaSnA2ACfc//s |
105 |
0sncgx6z7SOQsmrPxEoqRFY= |
106 |
=rSfV |
107 |
-----END PGP SIGNATURE----- |