* Julian Mehnle ([EMAIL PROTECTED]) [031210 13:40]:
> Joey Hess <[EMAIL PROTECTED]> wrote:
> > Goswin von Brederlow wrote:
> > > What can we do with deb signatures?
> > >
> > > For our current problem, the integrity of the debian archive being
> > > questioned, the procedure would be easy and available to every user:
> > >
> > > 1. get any clean Debian keyring (or just the key signing the keyring)
> > > 2. verify the latest Debian keyring
> > > 3. verify that each deb was signed by a DD and the signature fits
> >
> > The canonical attack against signed debs in this situation is to find a
> > signed deb on snapshot.debian.net that contains a known security hole.
> > Now inject it into the compromised archive, with a changed filename, and
> > edit the Packages file to have its md5sum. Now a user's checks will
> > succeed -- the package is signed with a developer's key -- but they will
> > install the old, insecure .deb. The only hint will be a warning from
> > dpkg that it is downgrading the package, and a clever attacker might
> > avoid even that.
>
> We could use a revocation list where signatures of packages with known
> security holes are listed as being revoked. Of course, you'd
> need to be online to check it when installing/updating packages. And the
> revocation list would best be served from a server that's
> secure and separate from the archive servers to make attacks against it a bit
> more difficult.

Yes, that would also be a good enhancement. However, verifying the actual
control files of a package against the information in Packages is also worth
doing.

Cheers,
Andi
--
http://home.arcor.de/andreas-barth/
PGP 1024/89FB5CE5  DC F1 85 6D A6 45 9C 0F  3B BE F1 D0 C5 D1 D9 0C
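The cross-check Andi suggests, as an added example that is not part of the thread: parse the Packages stanza and the .deb's own control stanza (both in Debian control format) and compare them, so that a signed but older .deb dropped in under a renamed path, as Joey describes, is flagged even though its signature and md5sum check out. All stanzas and the .deb bytes below are constructed sample data; a real check would read DEBIAN/control out of the downloaded .deb (e.g. with dpkg-deb --field).

```python
# Added example, not code from the thread. Sample data is constructed.
import hashlib
import re

def parse_stanza(text):
    """Parse one Debian control-format stanza into a dict.
    Continuation lines (leading space/tab) are appended to the previous field."""
    fields, last = {}, None
    for line in text.splitlines():
        if not line.strip():
            continue
        if line[0] in " \t" and last:
            fields[last] += "\n" + line.strip()
        else:
            key, _, val = line.partition(":")
            last = key.strip()
            fields[last] = val.strip()
    return fields

def check_deb_against_index(index_stanza, control_stanza, deb_bytes):
    """Return a list of mismatches between the Packages entry and the .deb;
    an empty list means they agree. Checks md5sum, Package, Version and
    Architecture, and that the index Filename encodes the control Version."""
    idx, ctl = parse_stanza(index_stanza), parse_stanza(control_stanza)
    problems = []
    if hashlib.md5(deb_bytes).hexdigest() != idx.get("MD5sum"):
        problems.append("md5sum mismatch")
    for field in ("Package", "Version", "Architecture"):
        if idx.get(field) != ctl.get(field):
            problems.append(f"{field}: index says {idx.get(field)!r}, "
                            f"control says {ctl.get(field)!r}")
    # Archive paths are pkg_version_arch.deb; an epoch ':' is encoded as '%3a'.
    m = re.search(r"/([^/_]+)_([^/_]+)_([^/_]+)\.deb$", idx.get("Filename", ""))
    if not m or m.group(2).replace("%3a", ":") != ctl.get("Version"):
        problems.append("Filename does not encode the control file's version")
    return problems

DEB_BYTES = b"constructed stand-in for the bytes of foo_1.1-2_i386.deb"
CONTROL_OLD = ("Package: foo\nVersion: 1.1-2\nArchitecture: i386\n"
               "Maintainer: A Developer <dev@example.org>\n")
INDEX_OK = ("Package: foo\nVersion: 1.1-2\nArchitecture: i386\n"
            "Filename: pool/main/f/foo/foo_1.1-2_i386.deb\n"
            "MD5sum: %s\nDescription: sample entry\n constructed for this example\n"
            % hashlib.md5(DEB_BYTES).hexdigest())
# The scenario from the thread: the old signed .deb is renamed to look like a
# newer version and the Packages entry is edited to carry its md5sum.
INDEX_TAMPERED = (INDEX_OK.replace("Version: 1.1-2", "Version: 1.2-3")
                          .replace("foo_1.1-2_i386", "foo_1.2-3_i386"))
```

With INDEX_OK the check returns no problems; with INDEX_TAMPERED the md5sum still matches but the Version and Filename disagree with the control file, which is exactly the downgrade the signature alone cannot catch.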