Based on my limited knowledge, a user can only sign the result with *his own* private key. It is not possible for him to modify a report signed by let's say *OPNFV release bot* and kept the original signature.
On Fri, Jan 13, 2017 at 4:38 PM Leo Wang <grakiss...@hotmail.com> wrote: > Hi Lincoln > > I agree with you , your proposal can keep the integrity of the dovetail > tool(scripts/codes), > > but i not sure that the content of results is right. > > to sign the result can only proof its integrity that result is not > tampered with during the transfer or uploading > > If user modify the result right after the result being generated then sign > the result > > how to tell whether the result is the original one or not ? > > > BR > > Leo Wang > > > > > On Jan 13, 2017, at 06:08, Lincoln Lavoie <lylav...@iol.unh.edu> wrote: > > Hi Leo, > > It may be worth separating the encryption from the signature piece. I > believe the primary purpose of the security requirements were to ensure the > integrity of the testing (i.e. the dovetail tests were not modified by the > tester, to "solve" a failure). In this process, I don't believe that is > accomplished, because the scripts are generating their own key each time. > I think this will also lead to a nightmare number of keys that have to be > kept, maintained, and tracked to look at results run in the past. > > Attached is a different approach. This approach would only sign the > results, which protects their integrity compared against the scripts that > were used to generate the results. If a user wanted to "protect" their > results, I would leave it to them to encrypt them and share keeps with the > expected "consumer." In this approach, OPNFV Staff would be responsible > for maintaining the public / private key (which should likely be updated > with each release. That key is used, along with a hash (MD5 sum or > similar) of the Dovetail "scripts" to sign the results. That signature can > then be validated against the public key, to ensure the scripts or results > were not tampered with prior to review. This approach assumes the trust is > placed with the OPNFV staff, in building (compiling) the integrity tool w/ > the private key, and providing only the compiled version with each release > (private key would have be protected within that tool). > > The "gotcha" is making sure that compiled tool can run on all platforms > and ensuring the private key is well protected. And, if the OPNFV staff > are able to maintain the set of keys, etc. > > > > Thoughts? > > Cheers, > Lincoln > > > On Thu, Jan 12, 2017 at 4:46 AM, Leo Wang <grakiss...@hotmail.com> wrote: > > Hi, Luke and Lincoln, > > > Dovetail team plans to add this feature to dovetail tool , and need your > professional advices from security group and 3rd party lab, > > so would you guys take a time to review this idea? > > > Thank you both in advance ! > > > I’ve update the diagram with digital signature, and both encryption and > digital signature can be optional to fit in user’s demand > > for details, please check this link: > https://wiki.opnfv.org/display/dovetail/Dovetail+Security+of+Report > > <encryption and digital signature (2).png> > > > On Dec 27, 2016, at 18:00, Lijun (Matthew) <matthew.li...@huawei.com> > wrote: > > digital signature should be added to do integrity checks, etc. +1. > > /MatthewLi > *发件人:*Leo Wang > *收件人:*Yujun Zhang > *抄送:*Motamary, Shabrinath via opnfv-tech-discuss > *时间:*2016-12-27 16:32:46 > *主题:*Re: [opnfv-tech-discuss] [dovetail]Dovetail encryption for report > > Encryption or signature or certificate do have different role in this big > picture, > > It can be done step by step. > > > > > On Dec 27, 2016, at 16:01, Yujun Zhang <zhangyujun+...@gmail.com> wrote: > > On Tue, Dec 27, 2016 at 3:54 PM Leo Wang <grakiss...@hotmail.com> wrote: > > As i mentioned , someone did show their concern on the security of test > report, so dovetail will provide this optional parameter for them > > digital signature is used to identify the source and its integrity, and > surely it can raise the security level, or even better to get a digital > certificate to make it more secure? > > > Sure. > > You may refer the international standard ISO/IEC 17065 on how to certify > a product. The standard is not about technical solution but quality > processes and organizations. > > Encryption or signature are all technical methods to enhance the authority > of a certification program. > > > > > > > -- > > ******************************************************************************* > *Lincoln Lavoie* > Senior Engineer, Broadband Technologies > > <https://www.iol.unh.edu/> > www.iol.unh.edu > 21 Madbury Rd., Ste. 100, Durham, NH 03824 > Mobile: +1-603-674-2755 <(603)%20674-2755> > lylav...@iol.unh.edu > <http://www.facebook.com/UNHIOL#> <https://twitter.com/#!/UNH_IOL> > <http://www.linkedin.com/company/unh-interoperability-lab> > > Ars sine scientia nihil est! -- Art without science is nothing. > Scientia sine ars est vacua! -- Science without art is empty. > > ******************************************************************************* > > <OPNFV_Dovetail_Signed_Results.png> > > > _______________________________________________ > opnfv-tech-discuss mailing list > opnfv-tech-discuss@lists.opnfv.org > https://lists.opnfv.org/mailman/listinfo/opnfv-tech-discuss >
_______________________________________________ opnfv-tech-discuss mailing list opnfv-tech-discuss@lists.opnfv.org https://lists.opnfv.org/mailman/listinfo/opnfv-tech-discuss