On 08/22/2018 04:06 PM, Michał Górny wrote:
> On Wed, 2018-08-22 at 15:48 +0200, Kristian Fiskerstrand wrote:
>> On 08/22/2018 03:37 PM, Michał Górny wrote:
>>> This is one attack vector that -- AFAIU -- hardware tokens protect
>>> against.
>>
>> Right, although it only shifts the attack, so the user would just wait until
>> the token is available to perform whatever is wanted anyway. In terms of
>> after the attack, the difference is we don't really use OpenPGP as a
>> long-term identity such as it is in general. For a user, losing WoT etc.
>> can have an impact; for Gentoo we just update LDAP and access is
>> effectively revoked without further issues. We don't need the key
>> material to survive this attack to be used after the fact again, which
>> is really what the hardware token helps with.
>>
>
> We're talking about 'the burglar can come into the house when the door
> is unlocked' vs 'the burglar has the key and can come and go as he
> pleases'. You make it sound like there's no difference.
>

If there is a trojan installed on the computer there isn't really much
difference between those scenarios; it really comes down to a better
review platform a priori and more auditing of commits post hoc.

--
Kristian Fiskerstrand
OpenPGP keyblock reachable at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3