Add zarb MLs html archivesHEADmaster

1 files changed, 125 insertions, 0 deletions

diff --git a/zarb-ml/mageia-dev/20110131/002393.html b/zarb-ml/mageia-dev/20110131/002393.html
new file mode 100644
index 000000000..731545d38
--- /dev/null
+++ b/zarb-ml/mageia-dev/20110131/002393.html
@@ -0,0 +1,125 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
+<HTML>
+ <HEAD>
+   <TITLE> [Mageia-dev] PGP keys and package signing
+   </TITLE>
+   <LINK REL="Index" HREF="index.html" >
+   <LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20PGP%20keys%20and%20package%20signing&In-Reply-To=%3C1296490705.12892.41.camel%40akroma.ephaone.org%3E">
+   <META NAME="robots" CONTENT="index,nofollow">
+   <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
+   <LINK REL="Previous"  HREF="002400.html">
+   <LINK REL="Next"  HREF="002396.html">
+ </HEAD>
+ <BODY BGCOLOR="#ffffff">
+   <H1>[Mageia-dev] PGP keys and package signing</H1>
+    <B>Michael Scherer</B> 
+    <A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20PGP%20keys%20and%20package%20signing&In-Reply-To=%3C1296490705.12892.41.camel%40akroma.ephaone.org%3E"
+       TITLE="[Mageia-dev] PGP keys and package signing">misc at zarb.org
+       </A><BR>
+    <I>Mon Jan 31 17:18:25 CET 2011</I>
+    <P><UL>
+        <LI>Previous message: <A HREF="002400.html">[Mageia-dev] PGP keys and package signing
+</A></li>
+        <LI>Next message: <A HREF="002396.html">[Mageia-dev] PGP keys and package signing
+</A></li>
+         <LI> <B>Messages sorted by:</B> 
+              <a href="date.html#2393">[ date ]</a>
+              <a href="thread.html#2393">[ thread ]</a>
+              <a href="subject.html#2393">[ subject ]</a>
+              <a href="author.html#2393">[ author ]</a>
+         </LI>
+       </UL>
+    <HR>  
+<!--beginarticle-->
+<PRE>Le lundi 31 janvier 2011 &#224; 16:03 +0100, nicolas vigier a &#233;crit :
+&gt;<i> On Sun, 30 Jan 2011, Motoko-chan wrote:
+</I>&gt;<i>
+</I>&gt;<i> &gt; If possible, using a split key so that no single person can revoke a 
+</I>&gt;<i> &gt; signature or sign a key would be useful. This would prevent attacks where 
+</I>&gt;<i> &gt; an individual might be tricked into signing an attacker's key. It would 
+</I>&gt;<i> &gt; require multiple people to be tricked or have their systems compromised to 
+</I>&gt;<i> &gt; have that key compromised.
+</I>&gt;<i> 
+</I>&gt;<i> Yes, we could do something like that. Maybe each board member could have
+</I>&gt;<i> a copy of the key, but encrypted with the key of all other board members,
+</I>&gt;<i> so that it requires two people to access the key ? Or the people who
+</I>&gt;<i> have the key don't know the passphrase, and the people who know the
+</I>&gt;<i> passphrase don't have the key ?
+</I>
+Like : <A HREF="http://point-at-infinity.org/ssss">http://point-at-infinity.org/ssss</A> ?
+
+Too bad it doesn't seems to be much maintained :/
+
+
+&gt;<i> &gt;&gt;   - In case we think the packages@ key may have been compromised, or is
+</I>&gt;<i> &gt;&gt;     too old, or we want to change it for any other reason, we revoke the
+</I>&gt;<i> &gt;&gt;     key, and/or revoke the signature from board@ so that it is no
+</I>&gt;<i> &gt;&gt;     longer accepted by urpmi. We create a new key, we sign it with
+</I>&gt;<i> &gt;&gt;     the board@ key and we can start to use this new key.
+</I>&gt;<i> &gt; Sounds good. I'd almost suggest a new packages signing key for each new 
+</I>&gt;<i> &gt; release that is valid for the supported life of the release plus one year. 
+</I>&gt;<i> &gt; It's a bit more work, but would reduce the damage a key leak would cause. 
+</I>&gt;<i> &gt; Unfortunately, this would bring back the problems of re-signing packages 
+</I>&gt;<i> &gt; when they are turned into a release.
+</I>&gt;<i> 
+</I>&gt;<i> I think we should avoid keys with expiration date because :
+</I>&gt;<i>  - maybe we will want to extend supported life of the release
+</I>&gt;<i>  - some people may want to continue using the release after end of life
+</I>
+We can 1) have a long enough expiration date ( but EOL + 1y seems quite
+enough IMHO )
+2) push unexpired keys before it is too late if needed ( I routinely
+push my key after extending the expiration date ).
+
+And people should be able to force a bypass of the system of course, but
+they will be on their own ( ie, that's quite the definition of EOL ).
+And this should be documented, and easy to do ( but warn people without
+harrassing too much can be quite difficult ).
+
+We can also say that we erase the keys once it is not planned to be used
+anymore, so we would no longer care about protecting them ( ie, we say
+the key is expired for good, and that's all ).
+
+&gt;<i>  - I don't think using expiration date reduce the damage of a leaked
+</I>&gt;<i>    key. If the key is leaked, we revoke it (or its signature) immediatly
+</I>&gt;<i>    on all key servers, which should be faster than waiting for the key to
+</I>&gt;<i>    expire. And replacing an expired key is not more simple than replacing
+</I>&gt;<i>    a revoked key.
+</I>
+The problem is not leaking the key, it is about cryptographic attacks
+about older keys.
+
+If in 10 years, there is some technology that allows people to get our
+private key by bruteforce on the public one, if it is expired, attackers
+will not be able to use it even if they have it. Since the plan is to
+say &quot;every key signed is valid&quot;, then we are potentially screwed if a
+old key is compromised offline.
+
+-- 
+Michael Scherer
+
+</PRE>
+
+
+
+
+<!--endarticle-->
+    <HR>
+    <P><UL>
+        <!--threads-->
+	<LI>Previous message: <A HREF="002400.html">[Mageia-dev] PGP keys and package signing
+</A></li>
+	<LI>Next message: <A HREF="002396.html">[Mageia-dev] PGP keys and package signing
+</A></li>
+         <LI> <B>Messages sorted by:</B> 
+              <a href="date.html#2393">[ date ]</a>
+              <a href="thread.html#2393">[ thread ]</a>
+              <a href="subject.html#2393">[ subject ]</a>
+              <a href="author.html#2393">[ author ]</a>
+         </LI>
+       </UL>
+
+<hr>
+<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev
+mailing list</a><br>
+</body></html>