emacs-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] package.el: check tarball signature

From: Stephen J. Turnbull
Subject: Re: [PATCH] package.el: check tarball signature
Date: Sat, 05 Oct 2013 14:40:46 +0900 
Daiki Ueno writes:
 > Ted Zlatanov <address@hidden> writes:
 > 
 > > I can put up my current patch for review but I still have HMAC, maybe
 > > UMAC, and RSA+DSA+ECC crypto to finish.  The hashing methods and the
 > > ciphers in ECB, CBC, and CTR modes are done with tests.  Should I make a
 > > Bazaar branch for that work?  Is anyone interested in reviewing it?
 > 
 > Probably I should shut up, but...

Please don't.  You seem to be the only sane voice[1] in the crowd.
Not that I agree 100% with everything you've written, but at least you
have the security mindset.  Everybody else seems to think this is like
fixing any other bug.

 > Does that mean all the package signatures will be signed/verified with
 > your own "Emacs internal" signature format, and all the packagers will
 > need to use your tool and Emacs, instead of GPG, right?

He has suggested that, but AFAIK he doesn't insist on it.

Still, the whole idea worries me; there's no reason to suppose it will
increase security, and Ted never has seemed to grasp that security is
not a SMOP, nor that security is inherently inconvenient.  Quis
custodiat ipsos custodes?  Do you really want to put a possible fox in
charge of the security check at the henhouse door?

 > That is what I opposed again and again and suggested to use a standard
 > format.

+1


Footnotes: 
[1]  I don't understand security well enough to claim to be a sane
voice, but at least I know how little I know.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]