Re: Security review of tag2upload

From Russ Allbery <rra@debian.org>
Newsgroups linux.debian.vote
Subject Re: Security review of tag2upload
Date 2024-06-16 20:30 +0200
Message-ID <IQ2Nz-3oLP-7@gated-at.bofh.it> (permalink)
References <IOl7X-2gWq-1@gated-at.bofh.it> <IQ0LL-3nwF-1@gated-at.bofh.it> <IQ1eN-3nH6-17@gated-at.bofh.it> <IQ1y9-3o3P-15@gated-at.bofh.it>
Organization The Eyrie


Scott Kitterman <debian@kitterman.com> writes:

> I think it's just that I view a signature by a mechanized service as
> something different than a signature made by an actual person.
> Technically you are correct, but I think it's fundamentally different.
> I don't think the computer is responsible for anything.  I think it has
> to trace to a person if you want to talk about responsibility.

Okay, thanks, I think this is the core of our disagreement.  Let me sum up
my side, just to be very clear about what I think the disagreement is.

I don't believe that "a signature made by an actual person" is something
that exists in the real world.  Humans do not sign things.  We do not have
an OpenPGP implementation in our heads.  Signatures are always made by
software, running on a possibly compromised computer, directed by humans.
Any link between the human and the signature is a point of possible
attack.

For the existing source package signatures, a simplified sequence looks
like this:

    human --> (1) dpkg-buildpackage --> (2) debsign --> (3) archive

For tag2upload, a simplified sequence looks like:

    human --> (1) Git --> (2) tag2upload --> (3) debsign --> (4) archive

In our current system, the source package signature can be traced back to
(2).  In the tag2upload case, the source package signature can be traced
back to (3) using the existing techniques and, with more work and new
techniques, all the way back to (1).

In neither case can the source package signature be traced back to a
human, which is what I am arguing makes them similar.  What we're arguing
about is which system has the better design (both security and otherwise)
for the pieces prior to (2) in the first case and (3)/(1) in the second
case.

-- 
Russ Allbery (rra@debian.org)              <https://www.eyrie.org/~eagle/>
