On 30-09-2014 20:24, Stuart Henderson wrote: > There is no "expiry time" on a signify signature. If an anoncvs server > were to be compromised such that you could no longer trust its key, > there is no way we could "revoke" that signed web page. If an attacker > was able to cause you to keep seeing an old version of the page, you'd > have no way to know that this server's key was no longer to be trusted. Yes. I went on reading the signify man page, again, and found that to be the issue. > > This is actually something that dnssec can handle to some extent (you > can set expiry times when signing a zone). But even then, signing a page > with the host fingerprints...well, all it lets you do is verify that the > server you're connecting to has a matching ssh host key and maybe that > nobody has noticed and reported any problems with the code it's handing > out within a certain window. It gives no guarantees that the program > code handed out by that server is correct. In fact, verifying the host > like this could be seen as giving a bit of a false sense of security. > I didn't mentioned this attack, it's a form of trusting trust attack. But, I believe it would be better to have this than not to. OpenBSD do not have any secure way to "get things". It's all up to the user. Not every user of OpenBSD can afford or even know how, to do what is necessary to at least have some confidence that you got things right. signify is a huge deal, but the project's infrastructure could be more "secure" in this sense. SSL? DNSSEC? signify signing of the site? I don't know what the project is willing to do, but I'm sure that something could be done.
Cheers [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
