MIME-Version: 1.0
In-Reply-To: <56DD9839.2050804@student.kit.edu>
References: <56DD9839.2050804@student.kit.edu>
Date: Mon, 7 Mar 2016 16:06:09 +0100
Message-ID: 
 <CABUevEwS3ZzWLtmWTG=TNqs91sLy2efbaap5wrBbDg8Qf9Yn2w@mail.gmail.com>
Subject: Re: .deb signing key insecure against MitM
From: Magnus Hagander <magnus@hagander.net>
To: Thomas Mayer <thomas.mayer@student.kit.edu>
Cc: pgsql-docs <pgsql-docs@postgresql.org>
Content-Type: multipart/alternative; boundary=001a11c3a21a072e40052d76cecd
Precedence: bulk
Sender: pgsql-docs-owner@postgresql.org

--001a11c3a21a072e40052d76cecd
Content-Type: text/plain; charset=UTF-8

On Mon, Mar 7, 2016 at 4:03 PM, Thomas Mayer <thomas.mayer@student.kit.edu>
wrote:

> I just visited http://www.postgresql.org/download/linux/debian/ and my
> impression is that the way the signing key is published is not secured
> against wrong origin or manipulation by a man in the middle (MitM) attacker.
>
> Meaning, that if a MitM attacker can compromise downloads, he or she is
> also able to compromise the documentation site including the source of the
> signing key, e.g. by publishing the attacker's signing key to the user.
> Debian's apt-get will not complain if everything fits together.
>
> Therefore, I suggest that the whole page should be TLS secured
> (HTTPS-only), not because of encryption but to ensure origin and integrity
> of the signing key.
>


Work is under way to make the entire website available under https only.
It's blocked behind some other work at this point, but once we get there,
it should make this situation a lot better.

-- 
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/

--001a11c3a21a072e40052d76cecd
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div class=3D"gmail_extra"><div class=3D"gmail_quote">On M=
on, Mar 7, 2016 at 4:03 PM, Thomas Mayer <span dir=3D"ltr">&lt;<a href=3D"m=
ailto:thomas.mayer@student.kit.edu" target=3D"_blank">thomas.mayer@student.=
kit.edu</a>&gt;</span> wrote:<br><blockquote class=3D"gmail_quote" style=3D=
"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I just visi=
ted <a href=3D"http://www.postgresql.org/download/linux/debian/" rel=3D"nor=
eferrer" target=3D"_blank">http://www.postgresql.org/download/linux/debian/=
</a> and my impression is that the way the signing key is published is not =
secured against wrong origin or manipulation by a man in the middle (MitM) =
attacker.<br>
<br>
Meaning, that if a MitM attacker can compromise downloads, he or she is als=
o able to compromise the documentation site including the source of the sig=
ning key, e.g. by publishing the attacker&#39;s signing key to the user. De=
bian&#39;s apt-get will not complain if everything fits together.<br>
<br>
Therefore, I suggest that the whole page should be TLS secured (HTTPS-only)=
, not because of encryption but to ensure origin and integrity of the signi=
ng key.<br></blockquote><div><br></div><div><br></div><div>Work is under wa=
y to make the entire website available under https only. It&#39;s blocked b=
ehind some other work at this point, but once we get there, it should make =
this situation a lot better.</div></div><div><br></div>-- <br><div class=3D=
"gmail_signature">=C2=A0Magnus Hagander<br>=C2=A0Me: <a href=3D"http://www.=
hagander.net/" target=3D"_blank">http://www.hagander.net/</a><br>=C2=A0Work=
: <a href=3D"http://www.redpill-linpro.com/" target=3D"_blank">http://www.r=
edpill-linpro.com/</a></div>
</div></div>

--001a11c3a21a072e40052d76cecd--