Secrecy and user trust

Les Mikesell lesmikesell at gmail.com
Mon Sep 8 00:03:53 UTC 2008


Ed Greshko wrote:
> Ed Greshko wrote:
>> It would be very nice if someone would fully define what they mean by
>> the very vague term "fake key".
>> 

In this context it would be one that a user would install that was not the 
one officially created for the packages in the fedora repository.

> And along with that, define the method used to distribute said key in a
> manner that would be oblivious to the all end users.

It doesn't have to fool all the end users, just you.  Or someone with 
content worth stealing, or on a network worth penetrating.

> It has to be
> oblivious to all end users such that nobody would be able to raise an
> alarm in a reasonable amount of time.

What's a reasonable amount of time?  A victim would notice if/when they 
manage to get an official RPM that the key doesn't match (unless their 
subverted packages remove the check) and might or might not do something 
besides import the correct key.

> If the public/private key methods employed today are as easy to
> penetrate and subvert as some seem to be claiming then one has to
> question why  it hasn't already been done.

It's not easy to fool everyone.  The question is whether there is a way 
to start from scratch so you can't fool anyone.

-- 
   Les Mikesell
    lesmikesell at gmail.com



