Read Bruce Schneier's Applied Cryptography was Re: One more time, SSL vs GPG

S. Alexander Jacobson alex at alexjacobson.com
Fri May 20 12:31:35 EDT 2005 

Ok, then the question becomes

   How do you authenticate the content unless you know its key?
   -or-
   How do you know the key you should use to authenticate the content?

-Alex-

______________________________________________________________
S. Alexander Jacobson tel:917-770-6565 http://alexjacobson.com


On Thu, 19 May 2005, John Meacham wrote:

> On Thu, May 19, 2005 at 12:27:51PM -0400, S. Alexander Jacobson wrote:
>> I've read the book.  I understand crypto well enough.  Perhaps you
>> could answer a simple question:
>>
>>   If I query Hackage for a package URL, what assurance do I have that
>>   the URL I receive is actually correct?
>>
>> Note, I am NOT asking how you authenticate the content retrieved from
>> that URL.  I am asking how you know the URL itself is correct?
>
> Because if the URL is not correct, then the content will not
> authenticate. I am not sure how else to put it since that is what is
> important, that you get the package you are asking for. Note that this
> does not require you trust the hackage server at all, all security is
> end-to-end as it should be. There is no need to trust any link in the
> chain. hackage is meerly a way to match providers of packages to
> consumers of them.
>
> So, A better question is, if the content authenticates, does it matter
> whether the URL was correct? At worst it means somone is
> clandestinly mirroring your content, which doesn't seem that bad :)
>
> SSL authenticates the server and secures data on the wire against
> tampering. However, we want to authenticate the _author_ of packages,
> not the hackage server and securing data on the wire is a non-issue
> since all data is gpg signed. The hackage server is not special, the
> authors are the primaries and the hackage sever is just a convienient
> meeting place and an ad hoc (but not special or mandatory) namespace
> management center for packages.
>
> There is a place for SSL, and that is if hackage allows any sort of
> password based modification of content via web forms. But for the basic
> functionality of storing and serving packages, it is not needed.
>
>        John
>
> -- 
> John Meacham - ⑆repetae.net⑆john⑈
> _______________________________________________
> Libraries mailing list
> Libraries at haskell.org
> http://www.haskell.org/mailman/listinfo/libraries
>

More information about the Libraries mailing list