Date:      Thu, 1 Dec 2005 05:15:30 +1100
From:      Peter Jeremy <PeterJeremy@optushome.com.au>
To:        Alexander Leidinger <netchild@freebsd.org>
Cc:        freebsd-security@freebsd.org, Kurt Seifried <listuser@seifried.org>
Subject:   Re: Reflections on Trusting Trust
Message-ID:  <20051130181530.GE32006@cirb503493.alcatel.com.au>
In-Reply-To: <20051130144343.od5die60gsw4k0k0@netchild.homeip.net>
References:  <20051127182116.GA30426@cirb503493.alcatel.com.au> <000e01c5f410$2de67820$1300110a@pooptop> <20051130144343.od5die60gsw4k0k0@netchild.homeip.net>

On Wed, 2005-Nov-30 14:43:43 +0100, Alexander Leidinger wrote:
>Kurt Seifried <listuser@seifried.org> wrote:
>
>>should have people upload their keys. On another note I am available 
>>to sign PGP keys (proving your key/identity is an exercise left to 
>>the reader =),
>
>or to the signer... the keys are available in the handbook (either from
>www.freebsd.org or in raw from http://cvsweb.freebsd.org/doc)

But how do I know that the data I download from *.freebsd.org hasn't
been tampered with?  Either by a MITM attack between me and the real
*.freebsd.org site or a DNS attack redirecting me to a third site.
This was the nub of my original posting.

> And AFAIK this is all PGP is supposed to verify, that the person
>behind "user@example.tld" is the same as the person with access to the
>secret key for this address.

PGP is susceptible to MITM attacks - Ann asks Bruce for his public
key.  Mallory intercepts the request and substitutes his own public
key.  He can then intercept, alter and re-sign following exchanges so
neither Ann nor Bruce realise they have an intruder.

>But this assumes the signer trusts the FreeBSD.org security:

If you don't trust the FreeBSD Project you wouldn't run FreeBSD.

> Without ssh access there's no way to insert a key into the CVS
>repository.

Assuming no security holes in the infrastructure...  How can I tell
that my private copy of the FreeBSD Project's CVS repository is the
same as the one on whatever.FreeBSD.org?

-- 
Peter Jeremy
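
Added example, not part of the original message: the key substitution described above goes unnoticed only while Ann has no independent reference for Bruce's key, so this sketch computes the OpenPGP v4 fingerprint (RFC 4880, section 12.2) of a received public-key packet and compares it with a fingerprint obtained over a separate channel. The function names and the toy key material are constructed for illustration; the packet bodies are not usable keys.

```python
import hashlib
import struct


def v4_fingerprint(packet_body: bytes) -> str:
    """OpenPGP v4 fingerprint: SHA-1 over 0x99, 2-byte length, packet body."""
    if not packet_body or packet_body[0] != 4:
        raise ValueError("not a version 4 public-key packet body")
    if len(packet_body) > 0xFFFF:
        raise ValueError("packet body too long for a 2-byte length")
    header = b"\x99" + struct.pack(">H", len(packet_body))
    return hashlib.sha1(header + packet_body).hexdigest().upper()


def key_matches(packet_body: bytes, trusted_fingerprint: str) -> bool:
    """Compare a received key with a fingerprint from an independent channel."""
    expected = "".join(trusted_fingerprint.split()).upper()
    if len(expected) != 40:
        raise ValueError("a v4 fingerprint is 40 hex digits")
    return v4_fingerprint(packet_body) == expected


def toy_rsa_body(created: int, n: int, e: int = 65537) -> bytes:
    """Build a constructed v4 RSA public-key packet body (not a usable key)."""
    def mpi(x: int) -> bytes:
        # An MPI is a 2-byte bit count followed by the big-endian magnitude.
        return struct.pack(">H", x.bit_length()) + x.to_bytes((x.bit_length() + 7) // 8, "big")
    # version 4, creation time, algorithm 1 (RSA), then the MPIs n and e
    return bytes([4]) + struct.pack(">I", created) + bytes([1]) + mpi(n) + mpi(e)


# Constructed sample data: same creation time, different moduli.
CREATED = 1133374530
BRUCE_KEY = toy_rsa_body(CREATED, int.from_bytes(b"bruce-modulus-constructed-sample", "big"))
MALLORY_KEY = toy_rsa_body(CREATED, int.from_bytes(b"mallory-modulus-constructed-demo", "big"))

# Assumption: Ann received this value from Bruce in person or on paper, over a
# path Mallory does not control. Grouping with spaces is accepted.
fp = v4_fingerprint(BRUCE_KEY)
TRUSTED_FP = " ".join(fp[i:i + 4] for i in range(0, 40, 4))

if __name__ == "__main__":
    for name, body in (("genuine", BRUCE_KEY), ("substituted", MALLORY_KEY)):
        verdict = "accept" if key_matches(body, TRUSTED_FP) else "REJECT"
        print(f"{name:12s} {v4_fingerprint(body)} {verdict}")
```

The check is only as strong as the channel that delivered the reference fingerprint: if it arrives over the same path as the key, the substitution covers both.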


