Nmap Development mailing list archives
Re: [nmap-svn] r23169 - nmap-exp/colin/updater
From: Fyodor <fyodor () insecure org>
Date: Wed, 18 May 2011 00:04:01 -0700
On Sun, May 15, 2011 at 05:19:48PM -0700, commit-mailer () insecure org wrote:
Added: nmap-exp/colin/updater/requirements.txt ============================================================================== --- (empty file) +++ nmap-exp/colin/updater/requirements.txt Sun May 15 17:19:48 2011 @@ -0,0 +1,7 @@ +* It must be possible to verify the integrity of update metadata (e.g., + latest version number). +* It must be possible to verify the integrity of package contents. +* The system must derive trust from GPG keys. + (In other words, if the system requires the generation of new + keypairs, it must be possible to sign those with existing GPG keys.)
SSL may be OK too. I think the current GPG-signing mechanism for Nmap downloads is more secure than if we just distributed them from an SSL site. But only if people actually verify the downloads. The unfortunate reality, as evidenced by our web logs, is that only a tiny percentage even download the signature files, much less verify them. With SSL, the security isn't as strong. For example, it wouldn't by itself catch a malicious binary placed by someone who hacks the distribution server. Plus SSL CAs aren't very trustworthy. But at least the browsers check it automatically for each download. I'm not suggesting changing the Nmap PGP-signing model (though we probably should use SSL distribution in addition to the PGP signing). But I think an update service using SSL should not be ruled out just because it isn't GPG-key-based. Cheers, Fyodor _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [nmap-svn] r23169 - nmap-exp/colin/updater Fyodor (May 18)
- Re: [nmap-svn] r23169 - nmap-exp/colin/updater Daniel Roethlisberger (May 18)
- Re: [nmap-svn] r23169 - nmap-exp/colin/updater Colin L. Rice (May 18)
- Re: [nmap-svn] r23169 - nmap-exp/colin/updater Daniel Roethlisberger (May 18)