From: Joanna Rutkowska <joanna@invisiblethingslab.com>
To: Keir Fraser <keir.fraser@eu.citrix.com>
Cc: "xen-devel@lists.xensource.com" <xen-devel@lists.xensource.com>,
Ian Jackson <Ian.Jackson@eu.citrix.com>
Subject: Re: Xen signing and wget
Date: Tue, 06 Jul 2010 17:42:11 +0200 [thread overview]
Message-ID: <4C334ED3.2060108@invisiblethingslab.com> (raw)
In-Reply-To: <C8590BA9.198A1%keir.fraser@eu.citrix.com>
[-- Attachment #1.1: Type: text/plain, Size: 1234 bytes --]
On 07/06/10 17:34, Keir Fraser wrote:
> On 06/07/2010 16:27, "Joanna Rutkowska" <joanna@invisiblethingslab.com>
> wrote:
>
>>>> But you use plaintext connection, which, in security, means random code.
>>>> I think we have already went through this last time when discussing the
>>>> signing process for Xen ;)
>>>
>>> Okay, then make a patch, including hashes for our current collection of
>>> downloads.
>>
>> I'm not a Xen developer. I do not sign your tarballs...
>
> Perhaps best then to sign the tarballs we have on xenbits, and verify the
> signatures when we download tarballs. Ian Jackson might pick that up as a
> work item.
>
For me (=user) that would be just fine, but I think *for you* (=vendor)
it might be better to just generate a list of hashes via md5sum and
include this file (say 'sources') in your tarball, and get your
Makefiles just do md5sum -c sources after it downloads them.
The difference is subtle, but I think you show this way that these are
external components, originally not signed, not created by you (but only
somehow verified, hence the hash). If you sign something with your key,
it suggests you have somehow generated it yourself. I know it's subtle.
joanna.
[-- Attachment #1.2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 226 bytes --]
[-- Attachment #2: Type: text/plain, Size: 138 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel
next prev parent reply other threads:[~2010-07-06 15:42 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-07-06 15:12 Xen signing and wget Joanna Rutkowska
2010-07-06 15:21 ` Keir Fraser
2010-07-06 15:23 ` Joanna Rutkowska
2010-07-06 15:24 ` Keir Fraser
2010-07-06 15:27 ` Joanna Rutkowska
2010-07-06 15:34 ` Keir Fraser
2010-07-06 15:42 ` Joanna Rutkowska [this message]
2010-07-06 15:50 ` Xen signing and wget [and 3 more messages] Ian Jackson
2010-07-06 15:56 ` Joanna Rutkowska
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4C334ED3.2060108@invisiblethingslab.com \
--to=joanna@invisiblethingslab.com \
--cc=Ian.Jackson@eu.citrix.com \
--cc=keir.fraser@eu.citrix.com \
--cc=xen-devel@lists.xensource.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).