[haiku-development] Re: Design for signed packages

  • From: Julian Harnath <julian.harnath@xxxxxxxxxxxxxx>
  • To: <haiku-development@xxxxxxxxxxxxx>
  • Date: Fri, 28 Mar 2014 22:06:06 +0100

Urias McCullough <umccullough@xxxxxxxxx> schrieb:
> I don't understand how that's significantly different from simply
> maintaining hashes of all the binaries in our source control and
> verifying them during download. There's really no need to sign them
> assuming we trust devs who have commit access already.

The advantage of signing over a simple hash is that it depends on the 
private key, which is, well, private. An attacker who could gain access 
to our package repo server could simply exchange the binaries and change 
the hashes. It's also easy to do a man-in-the-middle attack, changing 
these things on the fly.
Both attack scenarios don't work with signing: without access to the 
private key (which needs to be guarded closely), the attacker cannot 
generate a valid signature. All he could do is exchange the package 
containing the public CA certs, so new installations could be 
compromised... but everyone doing an update on an older system would 
immediately notice that things are wrong.

--
So long, jua
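The scenario Julian describes above, as an added example that is not from the thread and not Haiku's own package tooling: a client that only checks a hash served next to the package accepts a swapped package whose hash was recomputed by whoever controls the server or the connection, while a client that also checks a signature over that hash rejects it, because the private key used to sign is not on the server. Ed25519 stands in for whatever certificate scheme the thread was designing (an assumption), and the package bytes are constructed sample data.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Repo is what a client downloads from the package server: the package, its
// published SHA-256, and (in the signed design) a signature over that digest
// that was made offline with the private key.
type Repo struct {
	Package   []byte
	Digest    []byte
	Signature []byte
}

func digest(b []byte) []byte {
	d := sha256.Sum256(b)
	return d[:]
}

// Publish is the build machine's job: hash the package and sign the digest.
// The private key never leaves that machine.
func Publish(priv ed25519.PrivateKey, pkg []byte) Repo {
	d := digest(pkg)
	return Repo{Package: pkg, Digest: d, Signature: ed25519.Sign(priv, d)}
}

// SwapPackage models write access to the repo server (or a man-in-the-middle):
// the package and its published hash are both replaced on the fly, but the
// signature cannot be regenerated without the private key, so it stays stale.
func SwapPackage(r Repo, replacement []byte) Repo {
	return Repo{Package: replacement, Digest: digest(replacement), Signature: r.Signature}
}

// VerifyHashOnly is the "just keep hashes" design: it only compares the
// package against the hash served beside it.
func VerifyHashOnly(r Repo) bool {
	return bytes.Equal(digest(r.Package), r.Digest)
}

// VerifySigned additionally requires the digest to carry a valid signature
// under the public key the client already holds from its installation.
func VerifySigned(pub ed25519.PublicKey, r Repo) bool {
	return VerifyHashOnly(r) && ed25519.Verify(pub, r.Digest, r.Signature)
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	good := Publish(priv, []byte("constructed sample package bytes"))
	bad := SwapPackage(good, []byte("constructed replacement package"))
	fmt.Println("hash-only accepts swapped package:", VerifyHashOnly(bad)) // true
	fmt.Println("signed accepts original:", VerifySigned(pub, good))        // true
	fmt.Println("signed accepts swapped package:", VerifySigned(pub, bad))  // false
}
```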
