Subject: Re: adding gpg to src/gnu/dist
To: None <tech-security@NetBSD.org, tech-userlevel@NetBSD.org>
From: Marc Tooley <netbsdMLpostNO@SPAM.quake.ca>
Date: 05/17/2004 09:38:40
On Friday 14 May 2004 13:17, Thor Lancelot Simon wrote:
> On Fri, May 14, 2004 at 12:58:57PM -0700, Marc Tooley wrote:
> > On Friday 14 May 2004 12:18, Love wrote:
> > > I'm sure they can run
> > >
> > > $ nbsvtool verify binary_pkg.sp7 && echo woohoo everything ok
> > > woohoo everything ok
> > >
> > > especially when its inside pkg_add so they don't need to run it
> > > at all themself.
> > >
> > > Love
> > ... which can't be used on other platforms where nbsvtool hasn't
> > been ported or doesn't exist; the ubiquity of GnuPG in this case
> > means that
> Uh, it's pretty hard to install packages on a system where pkg_add
> "hasn't been ported or doesn't exist", isn't it?
I was talking about requiring a netbsd or pkgsrc-friendly system to
verify if these hypothetical packages are authentic or not. On those
that it doesn't work so well on, the (possibly compromised) package
sits there as an unknown until it makes its way to a system where it
can be checked.
I mean sure, the end-user can detect it, and perhaps that's all that's
important. I'm just saying that gnupg is already on many of these kinds
of systems and already in-use. It seems to me that forcing people to
conform to a brand new authentication mechanism if they want to check
validity is a bit onerous.
Also, so far the only reasons for disliking gnupg apply far more aptly
to current openssl software, but for openssl you're willing to build an
entirely new trust mechanism around a *ssl library...?
Seems like a great deal of effort.
*shrug* Well, if it does go ahead, I hope we can provide the framework
as part of netbsd so others can use it to distribute their own packages
If a single gnupg key is used as an introducer or even just as a
signature on the other keys (security bulletins, system packages, etc)
then not only will you see the benefits of a hierarchical trust model,
but then you can take advantage of the already mammoth PKI in place and
those of us who like webs of trust can more easily integrate the
various netbsd keys into our familiar keyrings.