Hi,

On Sun, 2024-03-31 at 00:40 +0500, Andrey Rakhmatullin wrote:
> On Sat, Mar 30, 2024 at 05:00:26PM +0100, Marco d'Itri wrote:
> > I think that the real question is whether we should really still
> > use code-signing keys which are not stored in (some kind of) HSM.
> What are the options for random DDs for that?
Yubikeys, Nitrokeys, GNUK, OpenPGP smartcards and similar devices.
Possibly also TPM modules in computers. These can usually be used for
both OpenPGP and SSH keys.

If someone cannot afford them, I think Debian paying for them is a good
investment; Debian buying tokens for all project members would also be
nice, but logistics are probably annoying...

A compromised computer alone is then not enough to get a copy of the
private key: one would also need an exploit for the hardware token.
(A compromised computer can still give temporary access to the key when
it is in use and unlocked; some devices can require pushing a button for
signing, but of course a compromised computer could claim to sign
something different than what gets signed and just show a "wrong PIN"
message to have the user try again.)

If you believe the hardware token to have a backdoor, exploiting it
might still require physical access to the token.

Ansgar
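The thread's underlying question is whether a DD's signing key material actually lives on a token rather than on disk. The script below is an added example, not part of the list discussion or of any Debian tooling: it parses the machine-readable output of `gpg --with-colons -K` (the format documented in GnuPG's doc/DETAILS, where field 15 of a `sec`/`ssb` record carries the smartcard serial number for a key stub that points at a token, `#` for a stub with no secret key, and is empty when the private key is on disk) and flags signing-capable keys whose secret material is still on disk. The sample output embedded in `SAMPLE` is constructed for the example; the key IDs and serial number are placeholders.

```python
#!/usr/bin/env python3
"""Report which OpenPGP secret keys/subkeys live on a hardware token.

Added example (not Debian or GnuPG code). Parses `gpg --with-colons -K`
output as described in GnuPG's doc/DETAILS:
  field 1  record type ("sec" primary secret key, "ssb" secret subkey)
  field 5  key ID
  field 12 capabilities (lowercase = this key's own, uppercase = whole key)
  field 15 token serial number for a smartcard stub, "#" for a key-less
           stub, empty when the private key material is stored on disk
"""
import subprocess
from dataclasses import dataclass

# Constructed sample output: a certify-only primary key on disk, a signing
# subkey on a token, an encryption subkey on disk, and a second signing
# subkey that is still on disk (the case the report should flag).
SAMPLE = """\
sec:u:255:22:0123456789ABCDEF:1711756800::::::cESCA:::::ed25519:::0:
ssb:u:255:22:FEDCBA9876543210:1711756800::::::s:::D2760001240103040006123456780000::ed25519::
ssb:u:255:18:1122334455667788:1711756800::::::e:::::cv25519::
ssb:u:255:22:AABBCCDDEEFF0011:1711756800::::::s:::::ed25519::
"""


@dataclass
class SecretKey:
    kind: str          # "sec" (primary) or "ssb" (subkey)
    keyid: str
    capabilities: str  # lowercase letters: s sign, e encrypt, a auth, c certify
    location: str      # "token:<serial>", "disk" or "stub"


def parse_colons(text: str) -> list[SecretKey]:
    """Turn colon-separated gpg output into SecretKey records."""
    keys = []
    for line in text.splitlines():
        fields = line.split(":")
        if fields[0] not in ("sec", "ssb"):
            continue
        # Pad short records so that field 15 (index 14) always exists.
        fields += [""] * (20 - len(fields))
        serial = fields[14]
        if serial == "#":
            location = "stub"
        elif serial:
            location = f"token:{serial}"
        else:
            location = "disk"
        keys.append(SecretKey(fields[0], fields[4], fields[11], location))
    return keys


def signing_keys_on_disk(keys: list[SecretKey]) -> list[SecretKey]:
    """Keys that can sign with this key's own capability and sit on disk."""
    return [k for k in keys if "s" in k.capabilities and k.location == "disk"]


def report(text: str) -> str:
    """Human-readable summary of key locations plus any on-disk signing keys."""
    keys = parse_colons(text)
    lines = [f"{k.kind} {k.keyid} [{k.capabilities}] {k.location}" for k in keys]
    bad = signing_keys_on_disk(keys)
    if bad:
        lines.append("WARNING: signing-capable secret keys on disk: "
                     + ", ".join(k.keyid for k in bad))
    else:
        lines.append("OK: no signing-capable secret key material on disk")
    return "\n".join(lines)


def main() -> None:
    # Use the real keyring when gpg is available, else the constructed sample.
    try:
        out = subprocess.run(["gpg", "--with-colons", "-K"],
                             capture_output=True, text=True, check=True).stdout
    except (FileNotFoundError, subprocess.CalledProcessError):
        out = SAMPLE
    print(report(out))


if __name__ == "__main__":
    main()
```

Run it on a real keyring with `gpg --with-colons -K | python3 keycheck.py` semantics in mind: `main()` calls gpg itself and falls back to the constructed sample when gpg is absent. Only lowercase capability letters are consulted, so the uppercase aggregate on the primary record does not cause a certify-only primary key to be reported as a signing key.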