On Oct 15, 2010, at 1:22 PM, Jeff Johnson wrote: > > On Oct 15, 2010, at 12:54 PM, Jesus Cea wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> On 14/10/10 17:49, Jeff Johnson wrote: >>> Anyone interested in using mongo gridfs for SKS dump file distribiution? >> >> How do you cope with malfunctioning/hostile/malicios MongoDB instances?. >> > > Signing the sks-dump files isn't rocket science. Nor is setting up mongodb > authentication. >
There's a far better answer designed into RFC 2400/4880 tags. The pubkey materiel is fingerprinted, and there's signatures out the wazzoo in sks-dump files. So the risk of tampering (as in maliciously modifying) is no different than any other usage case for OpenPGP. There's still the possibility of malicious deletions, but the sks-dump files are used with SKS keyservers which will "fix" any malicious deletions. That still leaves malicious additions, but that's not any different than, say, uploading Yet Another pubkey through a web interface that ends up in a sks-dump*.pgp file. The only remaining risk is DoS rendering the download useless for its intent. But that's no worse than FTP transport, is it? hth 73 de Jeff _______________________________________________ Sks-devel mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/sks-devel
