-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 2017-06-04 07:29, Axel wrote: > I did not see that pull request. Note however that the pull request > makes qubes-secpack depend on the blockchain in order to prove > information creation *after* a certain point in time, while my > suggestion was the opposite: make the blockchain depend on > qubes-secpack in order to prove information creation *before* a > certain point in time. > > I think we should have both. Other things than just canaries can > benefit from being locked into a narrow time period. Maybe it makes > sense to have a folder in qubes-secpack with timing proofs. They > would be of two types: * A proof of freshness, including the last > 10 bitcoin block hashes. * A proof of existence, including the > identifier of a bitcoin transaction that includes the hash of > either the last git commit, or a more elaborate statement. > IMPORTANT NOTE: As far as I understand, git tags, signed or not, > are not part of the actual commits. If so, proof of existence must > also include the tag signatures. > > Regularly making such timing proofs part of the commit chain will > lock all changes in that repository into a narrow period of time. > Each commit is provably created after all proofs of freshness > committed before or included in it, and before all proofs of > existence committed after it. Ideally, every important commit, such > as a release digest or canary, should be directly preceded by, or > include, a proof of freshness and directly followed by a proof of > existence. >
My next question was going to be whether you're aware of Peter Todd's OpenTimestamps project, which Jean-Philippe mentioned. Also see: https://petertodd.org/2016/opentimestamps-announcement https://github.com/opentimestamps/opentimestamps-client IIUC, OpenTimestamps may already do what you're aiming to do. P.S. - Please don't top-post. > > On Sunday, June 4, 2017 at 6:50:57 AM UTC+2, Andrew David Wong > wrote: >> > On 2017-06-03 10:24, Axel wrote: >>>> As Joanna has already noted, qubes-secpack is not advertised >>>> as solving all problems related to distribution security, >>>> but "the best we can do" currently. >>>> >>>> I'd like to suggest a practical improvement of qubes-secpack >>>> that I believe can protect against a (rather limited) class >>>> of threats including some forced private key hand-over and >>>> insider threats. >>>> >>>> *The scheme:* >>>> >>>> The idea is to publish hashes of git commits, and maybe also >>>> of detached signatures, to the bitcoin blockchain. This will >>>> serve as a reasonable secure proof that the information was >>>> created *before* a certain point in time. In addition to the >>>> proof of freshness, this locks the information into a >>>> *narrow time frame*. [...] > > Have you seen this? > > https://github.com/QubesOS/qubes-issues/issues/2685 > https://github.com/QubesOS/qubes-secpack/pull/15 > - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJZNH97AAoJENtN07w5UDAwVScP/1Pfp4hvpTMw5HDdmWIpLIMA qSgBYe82CypcVCEK3bM2ku7UX8m2t2SFXz5EytWRQ/LUJjZ9gXCU1Pb9K3+2YJ2m Gj7vdeAeXNWoUCmpmPWJpwSEshwuOpU3rknHS/1ICH3aP0eYCA9HVk0MMFA/k+e4 j0AQ1co2bEQN6eTSgFOq8MrDavVXgySJPe0GT9Tr1vIo2P0plYsDRHSvhCw2KKst A/OGF7EP7a/Siq5rvgM2oIWUG6GSgo0dJojfj8Ce0y0iEDV2BaqD/HSJWSF8onQ5 jhxhIiKnaSP+DGK2IrsiFb+pigT2NipLj+uLcrFraMX+Ua7dlepWfGHFKZKCSFnl 1ACe6XbRrpkRnPF08q5yMqK6/vKdYeBE7HI8/BkHpCM5b6SzNi1DUxwjTCh9hZhA Ut/EHrnv188OLxFNpCt7Lg3DGhixaLhuC/h27sFRHcLf6TUrVQmndacVoM1YS8xX 5Gc6cYARjyK/KCm43DhSTmgfIpwuZdEq2Lv0/G/cEDotoja3hSYkAjPtk7Jv8czw oDn6Sf3D8KaXN7BXGtphN/sffqHxTFMMhzKpirD41QUzvtvKdzG3ZNjLK82pn6kg b1R5rYxDAieDtYMikiejYprPW0kD+3Qrh6lydRRG0Bx3useTiU+aC3xpfCGgVcFz aExJLDNvQ0tetUTXgUsM =3Vlz -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/40427f33-b217-b0e8-be70-f53e7e6ead31%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
