| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA1 |
| 3 |
|
| 4 |
Marc Ballarin wrote: |
| 5 |
> I think that improperly used signatures are a dangerous placebo. |
| 6 |
> Developers have to be well aware of how to treat and use their keys. |
| 7 |
> Users have to be thoroughly educated about the meaning of a signature (ie |
| 8 |
> which guarantees it gives and which it cannot give). |
| 9 |
> If this does not happen, there will be a lot of dangerous |
| 10 |
> misunderstanding and - eventually - bad blood. |
| 11 |
|
| 12 |
I find all this talk really strange. Basically, ``let's not implement a |
| 13 |
security feature, because people might think it provides more security |
| 14 |
than it does, and blame us when it does not provide that security.'' |
| 15 |
|
| 16 |
In fact, this *does* provide a clearly quantifiable security benefit, in |
| 17 |
that rsync mirrors and channels of distribution (i.e. DNS servers, |
| 18 |
routers, etc) need not be trusted. Currently, they must be trusted. So |
| 19 |
this narrows the Trusted Computing Base down quite a bit, to get |
| 20 |
technical, and anyone can see that this benefits security as a result. |
| 21 |
Now, how much does it benefit? I don't know of a quanta to measure that in. |
| 22 |
|
| 23 |
The point remains that this is a security benefit, and the only |
| 24 |
arguments I've seen here against it are either that it's overhyped, |
| 25 |
which is a meaningless argument and no reason not to implement it, or |
| 26 |
that it's currently too difficult to do, which is not the case. |
| 27 |
|
| 28 |
The reason it isn't implemented is becuase it takes a lot of people |
| 29 |
getting on board before it works, right? Fine. I'm understanding, and |
| 30 |
not terribly critical. But I think it's delusion to say that this |
| 31 |
provides no security benefit; objectively, quantitatively, it does. |
| 32 |
- -- |
| 33 |
Dan "KrispyKringle" Margolis |
| 34 |
Security Coordinator/Audit Project, Gentoo Linux |
| 35 |
-----BEGIN PGP SIGNATURE----- |
| 36 |
Version: GnuPG v1.2.4 (Darwin) |
| 37 |
|
| 38 |
iQEVAwUBQY5iD7DO2aFJ9pv2AQKlcAf/cUmSkPNnAj3v8XQ3YxE0fJ1ynVOuyAt1 |
| 39 |
k+yPrcuPuz7jk4/+UDAt5MOvVZpaHY8jhNlV5ACPhyp8Dldo6mFIIGHkOYLvIuhr |
| 40 |
O//tmN0RMkySXw4Lal/nQVD31vSMFUrcpXxnKOSsDXTJ+FeO5lU8hKQAowkuw4L2 |
| 41 |
t3evkWzvhbDEON9/X0D68tZG1m4dpBxQty+MibPwdtJyZ8tZkcLwr+LXXU2Q6uUn |
| 42 |
LGPd1KG3wx1faVkNhDFBMbYYWrLemGKnSXVr0c7wkllMJNb83QzbbBA0yvE42jna |
| 43 |
IDlF4ndH3MGB/N3myo8pfFZTt8WpK+xmOSqTVjTNmap7ImHkIsnI3w== |
| 44 |
=35tM |
| 45 |
-----END PGP SIGNATURE----- |
| 46 |
|
| 47 |
-- |
| 48 |
gentoo-security@g.o mailing list |
Archives