On Fri, Jan 20, 2017 at 04:45:03PM -0500, Jean-Philippe Ouellet wrote:
> On Fri, Jan 20, 2017 at 5:40 AM, Marek Marczykowski-Górecki
> <[email protected]> wrote:
> > On Fri, Jan 20, 2017 at 03:12:54AM -0500, Jean-Philippe Ouellet wrote:
> >> I would like to bring this list's attention to the availability of
> >> what I believe to be a good non-OpenPGP solution to the problem of
> >> cryptographically verifying code.
> >>
> >> The OpenBSD community has had very similar discussions internally
> >> several years ago, and they resulted in the implementation of a
> >> minimal non-OpenPGP signature creation & verification tool called
> >> signify, using the NaCl primitives [1]. It has been successfully used
> >> for package, release, and advisory signing for several years now, and
> >> has been audited both within and without the OpenBSD community.
> >
> > While the tool looks interesting, it solves a somehow different problem
> > than we have. The tool is only about signing data, with asymmetric
> > crypto (so a key pair is needed). But in our case, we have a problem with
> > both integrity protection and encryption
>
> Indeed. I propose it mainly in the context of dom0 package
> verification, where we have the inconsistency of trusting pgp there
> while explicitly avoiding doing so elsewhere in Qubes, as discussed
> previously in this thread. Sorry for the ambiguity.

Ah I see. Then indeed that makes some sense (disclaimer: haven't looked
at the tool yet - only read your description). But there is one
precondition to even think about something like this: we'd need to build
_all_ dom0 packages ourselves. Currently we use Fedora packages directly.
And those packages are signed with gpg.

--
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
