Re: Dave Page's PGP key
| От | Peter Eisentraut |
|---|---|
| Тема | Re: Dave Page's PGP key |
| Дата | |
| Msg-id | 200607221417.14578.peter_e@gmx.net обсуждение исходный текст |
| Ответ на | Re: Dave Page's PGP key ("Dave Page" <dpage@vale-housing.co.uk>) |
| Список | pgadmin-hackers |
Dave Page wrote: > In order to compromise those file signatures, an attacker would have > to replace my public key on the pgAdmin SVN repo (from where it > propagates out to the webservers), If you believe that breaking into the web server is impossible, or impossible enough, you don't need PGP signatures, because the file that is being protected sits on the same or similar web server. > and somehow replace the copy on > the keyservers (which you also checked right?), Uploading a key to a key server is simple enough, and I have no knowledge that the key that is there now is yours to begin with. And even if you tell me it is, I don't know that you sent this email. You see, all an attacker would really have to do is install an HTTP proxy near the recipient's host that deals out altered files. The security of the infrastructure on your side is only part of the generally insecure communications link that PGP wants to protect against. Of course this is thoroughly paranoid, and I have no suspicion at all that pgAdmin downloads are being compromised, but recently I see too many people who attempt to "secure" their downloads by signing them with signature-less PGP keys, which gives exactly nil additional security. > Compare that to the md5sum's that Greg(?) produces That is not the standard you want to compare with. But Greg actually does have signatures on his key. -- Peter Eisentraut http://developer.postgresql.org/~petere/
В списке pgadmin-hackers по дате отправления: