Re: [HACKERS] PGP signing releases

2003-02-11 Thread Greg Copeland
Well said. I'm glad someone else is willing to take a stab at addressing these issues, since I've been down with the flu. Thanks Greg. As both Gregs have pointed out, hashes and checksums alone should only be used as an integrity check. It is not a viable security mechanism. A hash does not

Re: [HACKERS] PGP signing releases

2003-02-11 Thread Greg Copeland
On Wed, 2003-02-05 at 18:53, Curt Sampson wrote: On Thu, 5 Feb 2003, Greg Copeland wrote: Who will actually hold the key? Where will it be physically kept? Good question but can usually be addressed. It can be addressed, but how well? This is another big issue that I

Re: [HACKERS] PGP signing releases

2003-02-10 Thread greg
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 So you put the MD5 sum into the release announcement email. That is downloaded by many people and also archived in many distributed places that we don't control, so it would be very hard to tamper with. ISTM that this gives you the same

Re: [HACKERS] PGP signing releases

2003-02-10 Thread Peter Eisentraut
Curt Sampson writes: MD5, or any other unsigned check, makes sense from a security point of view only if it is stored independently from the thing you are checking. So you put the MD5 sum into the release announcement email. That is downloaded by many people and also archived in many

Re: [HACKERS] PGP signing releases

2003-02-07 Thread greg
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 To answer some of my earlier questions, here is one specific way of doing it: Tom Lane creates a PostgreSQL key, signing only, DSA, 1024 bits, that expires in 3 years. It ends up looking something like this: pub 1024D/0BB10D1D 2003-02-07

Re: [HACKERS] PGP signing releases

2003-02-06 Thread Greg Copeland
On Tue, 2003-02-04 at 18:27, Curt Sampson wrote: On Tue, 2003-02-04 at 16:13, Kurt Roeckx wrote: On Tue, Feb 04, 2003 at 02:04:01PM -0600, Greg Copeland wrote: Even improperly used, digital signatures should never be worse than simple checksums. Having said that, anyone that is

Re: [HACKERS] PGP signing releases

2003-02-05 Thread Curt Sampson
On Wed, 4 Feb 2003, Greg Copeland wrote: If three people are required to sign a package prior to release, what happens when one of them is unavailable for signing (vacation, hospital, etc). This is one of the reasons why having a single project key which the core developers sign may appear to

Re: [HACKERS] PGP signing releases

2003-02-05 Thread Bruno Wolff III
On Wed, Feb 05, 2003 at 15:22:12 +0900, Curt Sampson [EMAIL PROTECTED] wrote: On Wed, 4 Feb 2003, Greg Copeland wrote: Hm. Splitting the key into parts is a very interesting idea, but I'd be interested to know how you might implement it without requiring everybody to be physically present

Re: [HACKERS] PGP signing releases

2003-02-05 Thread Greg Copeland
On Wed, 2003-02-05 at 00:22, Curt Sampson wrote: On Wed, 4 Feb 2003, Greg Copeland wrote: If three people are required to sign a package prior to release, what happens when one of them is unavailable for signing (vacation, hospital, etc). This is one of the reasons why having a single

Re: [HACKERS] PGP signing releases

2003-02-05 Thread Kurt Roeckx
On Tue, Feb 04, 2003 at 06:19:42PM -0600, Greg Copeland wrote: I do agree that a checksum (or hash) is better than nothing, however, a serious security solution it is not. Which really is all I'm saying. Kurt ---(end of broadcast)--- TIP 6:

Re: [HACKERS] PGP signing releases

2003-02-05 Thread Curt Sampson
On Thu, 5 Feb 2003, Greg Copeland wrote: Who will actually hold the key? Where will it be physically kept? Good question but can usually be addressed. It can be addressed, but how well? This is another big issue that I don't see any plan for that I'm comfortable with.. The

Re: [HACKERS] PGP signing releases

2003-02-04 Thread Bruno Wolff III
On Mon, Feb 03, 2003 at 22:55:12 -0600, Greg Copeland [EMAIL PROTECTED] wrote: I'll say this again. Checksums alone offers zero security protection. It was never intended to address that purpose. As such, it does not address it. If you need security, use a security product. Checksums

Re: [HACKERS] PGP signing releases

2003-02-04 Thread greg
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 There are generally two ways to do it: have a project key, or have each developer use their own key. The advantage of the first way is that each release is signed by the same key, which is clearly associated with the project. The disadvantage is

Re: [HACKERS] PGP signing releases

2003-02-04 Thread Kurt Roeckx
On Tue, Feb 04, 2003 at 01:35:47PM +0900, Curt Sampson wrote: On Mon, 3 Feb 2003, Kurt Roeckx wrote: I'm not saying md5 is as secure as pgp, not at all, but you can't trust those pgp keys to be the real one either. Sure you can. Just verify that they've been signed by someone you trust.

Re: [HACKERS] PGP signing releases

2003-02-04 Thread Rod Taylor
On Tue, 2003-02-04 at 12:55, Kurt Roeckx wrote: On Tue, Feb 04, 2003 at 01:35:47PM +0900, Curt Sampson wrote: On Mon, 3 Feb 2003, Kurt Roeckx wrote: I'm not saying md5 is as secure as pgp, not at all, but you can't trust those pgp keys to be the real one either. Sure you can. Just

Re: [HACKERS] PGP signing releases

2003-02-04 Thread Steve Crawford
Having just started working with GPG I shouldn't be considered an expert but it seems to me that each core developer should create a key and should cross-sign each others' keys to form a web of trust to verify the authenticity of those signatures. In any case, I think that if security-related

Re: [HACKERS] PGP signing releases

2003-02-04 Thread Greg Copeland
Comments intermixed below. On Tue, 2003-02-04 at 12:04, Steve Crawford wrote: Having just started working with GPG I shouldn't be considered an expert but it seems to me that each core developer should create a key and should cross-sign each others' keys to form a web of trust to verify the

Re: [HACKERS] PGP signing releases

2003-02-04 Thread Greg Copeland
On Tue, 2003-02-04 at 12:02, Rod Taylor wrote: On Tue, 2003-02-04 at 12:55, Kurt Roeckx wrote: On Tue, Feb 04, 2003 at 01:35:47PM +0900, Curt Sampson wrote: On Mon, 3 Feb 2003, Kurt Roeckx wrote: I'm not saying md5 is as secure as pgp, not at all, but you can't trust those pgp

Re: [HACKERS] PGP signing releases

2003-02-04 Thread Kurt Roeckx
On Tue, Feb 04, 2003 at 02:04:01PM -0600, Greg Copeland wrote: Even improperly used, digital signatures should never be worse than simple checksums. Having said that, anyone that is trusting checksums as a form of authenticity validation is begging for trouble. Should I point out that a

Re: [HACKERS] PGP signing releases

2003-02-04 Thread Curt Sampson
On Tue, 4 Feb 2003, Kurt Roeckx wrote: I know how it works, it's just very unlikely I'll ever meet someone so it gives me a good chain. One postgresql conference is all it takes. Anyway, I think pgp is good thing to do, just don't assume that it's always better then just md5. I think it

Re: [HACKERS] PGP signing releases

2003-02-04 Thread Curt Sampson
On Tue, 4 Feb 2003, Kurt Roeckx wrote: There really isn't any comparison here. I didn't say you could compare the security offered by both of them. All I said was that md5 also makes sense from a security point of view. MD5, or any other unsigned check, makes sense from a security point

Re: [HACKERS] PGP signing releases

2003-02-04 Thread Greg Copeland
On Tue, 2003-02-04 at 16:13, Kurt Roeckx wrote: On Tue, Feb 04, 2003 at 02:04:01PM -0600, Greg Copeland wrote: Even improperly used, digital signatures should never be worse than simple checksums. Having said that, anyone that is trusting checksums as a form of authenticity validation

Re: [HACKERS] PGP signing releases

2003-02-04 Thread Curt Sampson
On Tue, 2003-02-04 at 16:13, Kurt Roeckx wrote: On Tue, Feb 04, 2003 at 02:04:01PM -0600, Greg Copeland wrote: Even improperly used, digital signatures should never be worse than simple checksums. Having said that, anyone that is trusting checksums as a form of authenticity validation is

Re: [HACKERS] PGP signing releases

2003-02-04 Thread Andrew Dunstan
- Original Message - From: Kurt Roeckx [EMAIL PROTECTED] Should I point out that a fingerprint is nothing more than a hash? If somebody shows you their passport to prove who they are and then gives you a fingerprint of their PGP key, they have implicitly signed that fingerprint. By

Re: [HACKERS] PGP signing releases

2003-02-04 Thread Bruno Wolff III
On Tue, Feb 04, 2003 at 23:13:47 +0100, Kurt Roeckx [EMAIL PROTECTED] wrote: So a figerprint and all the hash/digest function have no purpose at all? The purpose of both is to reduce the amount of material in a way that makes it hard to generate some other material that would result in the

Re: [HACKERS] PGP signing releases

2003-02-03 Thread greg
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I think we should PGP sign all the official packages that are provided for download from the various mirror sites. Doesn't anyone around here read pgsql-general? :) I've been arguing for this over there since June of last year. I've also been

Re: [HACKERS] PGP signing releases

2003-02-03 Thread Neil Conway
On Sun, 2003-02-02 at 21:23, Marc G. Fournier wrote: well, if you want to tell me the steps, I'll consider it ... I certainly wouldn't consider myself to be an expert in PGP, but my understanding of the basic steps is: (1) Generate a public/private key pair for the PGDG team. This should be

Re: [HACKERS] PGP signing releases

2003-02-03 Thread Rod Taylor
(3) Sign official releases using the PGDG private key, and provide the signatures on www.postgresql.org along with the packages themselves. Sounds about right. I'd go as far as to sign release announcements and security emails as well. -- Rod Taylor [EMAIL PROTECTED] PGP Key:

Re: [HACKERS] PGP signing releases

2003-02-03 Thread Greg Copeland
On Sun, 2003-02-02 at 20:23, Marc G. Fournier wrote: right, that is why we started to provide md5 checksums ... md5 checksums only validate that the intended package (trojaned or legit) has been properly received. They offer nothing from a security perspective unless the checksums have been

Re: [HACKERS] PGP signing releases

2003-02-03 Thread Kurt Roeckx
On Mon, Feb 03, 2003 at 12:24:14PM -0600, Greg Copeland wrote: On Sun, 2003-02-02 at 20:23, Marc G. Fournier wrote: right, that is why we started to provide md5 checksums ... md5 checksums only validate that the intended package (trojaned or legit) has been properly received. They offer

Re: [HACKERS] PGP signing releases

2003-02-03 Thread Curt Sampson
On Mon, 3 Feb 2003, Kurt Roeckx wrote: I'm not saying md5 is as secure as pgp, not at all, but you can't trust those pgp keys to be the real one either. Sure you can. Just verify that they've been signed by someone you trust. For example, next time I happen to run into Bruce Momjian, I hope

Re: [HACKERS] PGP signing releases

2003-02-03 Thread Greg Copeland
On Mon, 2003-02-03 at 13:55, Kurt Roeckx wrote: On Mon, Feb 03, 2003 at 12:24:14PM -0600, Greg Copeland wrote: On Sun, 2003-02-02 at 20:23, Marc G. Fournier wrote: right, that is why we started to provide md5 checksums ... md5 checksums only validate that the intended package

Re: [HACKERS] PGP signing releases

2003-02-03 Thread Greg Copeland
On Mon, 2003-02-03 at 22:35, Curt Sampson wrote: On Mon, 3 Feb 2003, Kurt Roeckx wrote: I'm not saying md5 is as secure as pgp, not at all, but you can't trust those pgp keys to be the real one either. Sure you can. Just verify that they've been signed by someone you trust. For

Re: [HACKERS] PGP signing releases

2003-02-03 Thread Curt Sampson
On Tue, 3 Feb 2003, Greg Copeland wrote: Surely there are a couple of key developers whom would be willing to sign each other's keys and have previously met before. Surely this would be the basis for phone validation. Then, of course, there is 'ol snail-mail route too. Of course, nothing

Re: [HACKERS] PGP signing releases

2003-02-03 Thread Greg Copeland
On Mon, 2003-02-03 at 22:35, Curt Sampson wrote: 2. Do I trust him to take care of his own key and be careful signing other keys? 3. Do I trust his opinion that the postgres release-signing key that he signed is indeed valid? 4. Do I trust the holder of the postgres

Re: [HACKERS] PGP signing releases

2003-02-02 Thread Tom Lane
Neil Conway [EMAIL PROTECTED] writes: I think we should PGP sign all the official packages that are provided for download from the various mirror sites. This is probably a good idea. I'd volunteer to do the work myself, except that it's pretty closely intertwined with the release process

Re: [HACKERS] PGP signing releases

2003-02-02 Thread Greg Copeland
On Sun, 2003-02-02 at 18:39, Neil Conway wrote: Folks, I think we should PGP sign all the official packages that are provided for download from the various mirror sites. IMHO, this is important because: - ensuring that end users can trust PostgreSQL is an important part to getting the

Re: [HACKERS] PGP signing releases

2003-02-02 Thread Marc G. Fournier
On Sun, 2 Feb 2003, Neil Conway wrote: Folks, I think we should PGP sign all the official packages that are provided for download from the various mirror sites. IMHO, this is important because: - ensuring that end users can trust PostgreSQL is an important part to getting the product used

Re: [HACKERS] PGP signing releases

2003-02-02 Thread Lamar Owen
On Sunday 02 February 2003 21:23, Marc G. Fournier wrote: On Sun, 2 Feb 2003, Neil Conway wrote: I think we should PGP sign all the official packages that are provided for download from the various mirror sites. IMHO, this is important because: right, that is why we started to provide md5

Re: [HACKERS] PGP signing releases

2003-02-02 Thread Tom Lane
Marc G. Fournier [EMAIL PROTECTED] writes: On Sun, 2 Feb 2003, Neil Conway wrote: - ensuring that end users can trust PostgreSQL is an important part to getting the product used in mission-critical applications, as I'm sure you all know. Part of that is producing good software; another part is