From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by arlo.cworth.org (Postfix) with ESMTP id 2F67F6DE02CB for ; Fri, 15 Mar 2019 08:35:58 -0700 (PDT) X-Virus-Scanned: Debian amavisd-new at cworth.org X-Spam-Flag: NO X-Spam-Score: -0.141 X-Spam-Level: X-Spam-Status: No, score=-0.141 tagged_above=-999 required=5 tests=[AWL=0.060, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=disabled Received: from arlo.cworth.org ([127.0.0.1]) by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Gu2aA2BWruv3 for ; Fri, 15 Mar 2019 08:35:57 -0700 (PDT) Received: from che.mayfirst.org (che.mayfirst.org [162.247.75.118]) by arlo.cworth.org (Postfix) with ESMTPS id 1D50C6DE0B6D for ; Fri, 15 Mar 2019 08:35:55 -0700 (PDT) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1552664153; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=hu/UQfjVAPu2ReMYDmYgEKqzuxcQG8Zg5vH5QrenLnY=; b=yCtfgj/dCmS0sbCjQg1BPGFfiIrO8A+WfihkXyHpiuQpjHKZ/L4FCAhl 30Hf3Pvzcs05AFSyIaJMDSXY2zoZAg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1552664153; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=hu/UQfjVAPu2ReMYDmYgEKqzuxcQG8Zg5vH5QrenLnY=; b=OlNnUBvJ3cfOlEQuFH1Kou0S+qMqshMSein8hOk+6Z4KmBxnLd8Mxr2O JVhUhZatUocVGvrxJiucr2w+cJmOzIuhtHxWnp7ROhmt9NdBz4zknASNrt tXJnaF/V1MmrVH+h0F0XvcNr1f+YpJcNBdco79dBFhKAL4EDtlfz0oYdK2 4sDff4PSp5ia+uukGPgvDkdW/YiMLyURGnK2fynuhEJzFwRFmTE9YNJk5a xrRWNIyfR3HU25MQlt1YozFkzDeIrLoT7LONtZ0sgfZO0obtbUWMK0C6GY NekWRv9ON6CLIwpKTgnXO1f2oPcNYXJc4xYWz2+K6hxjlu75omY8Ww== Received: from fifthhorseman.net (unknown [38.109.115.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id 1E661F99D; Fri, 15 Mar 2019 11:35:52 -0400 (EDT) Received: by fifthhorseman.net (Postfix, from userid 1000) id 5CA6720AD2; Fri, 15 Mar 2019 11:35:47 -0400 (EDT) From: Daniel Kahn Gillmor To: David Bremner , Adam Majer , Carl Worth , notmuch@notmuchmail.org Subject: Re: [PATCH] build: sign tarball instead of sha256sum In-Reply-To: <87zhpwgsb9.fsf@tethera.net> References: <87mun16gmm.fsf@wondoo.home.cworth.org> <20190213021703.18412-1-david@tethera.net> <87lg1kcqg8.fsf@tethera.net> <87ftrpgjdb.fsf@fifthhorseman.net> <3bbd5c2e-54b7-dbbd-6065-68ce2c2005fd@suse.de> <87tvg4wm2v.fsf@fifthhorseman.net> <4e447225-0b1e-5142-20fc-492a35e2f314@suse.de> <87zhpwgsb9.fsf@tethera.net> Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= mDMEXEK/AhYJKwYBBAHaRw8BAQdAr/gSROcn+6m8ijTN0DV9AahoHGafy52RRkhCZVwxhEe0K0Rh bmllbCBLYWhuIEdpbGxtb3IgPGRrZ0BmaWZ0aGhvcnNlbWFuLm5ldD6ImQQTFggAQQIbAQUJA8Jn AAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBMS8Lds4zOlkhevpwvIGkReQOOXGBQJcQsbzAhkB AAoJEPIGkReQOOXG4fkBAO1joRxqAZY57PjdzGieXLpluk9RkWa3ufkt3YUVEpH/AP9c+pgIxtyW +FwMQRjlqljuj8amdN4zuEqaCy4hhz/1DbgzBFxCv4sWCSsGAQQB2kcPAQEHQERSZxSPmgtdw6nN u7uxY7bzb9TnPrGAOp9kClBLRwGfiPUEGBYIACYWIQTEvC3bOMzpZIXr6cLyBpEXkDjlxgUCXEK/ iwIbAgUJAeEzgACBCRDyBpEXkDjlxnYgBBkWCAAdFiEEyQ5tNiAKG5IqFQnndhgZZSmuX/gFAlxC v4sACgkQdhgZZSmuX/iVWgD/fCU4ONzgy8w8UCHGmrmIZfDvdhg512NIBfx+Mz9ls5kA/Rq97vz4 z48MFuBdCuu0W/fVqVjnY7LN5n+CQJwGC0MIA7QA/RyY7Sz2gFIOcrns0RpoHr+3WI+won3xCD8+ sVXSHZvCAP98HCjDnw/b0lGuCR7coTXKLIM44/LFWgXAdZjm1wjODbg4BFxCv50SCisGAQQBl1UB BQEBB0BG4iXnHX/fs35NWKMWQTQoRI7oiAUt0wJHFFJbomxXbAMBCAeIfgQYFggAJhYhBMS8Lds4 zOlkhevpwvIGkReQOOXGBQJcQr+dAhsMBQkB4TOAAAoJEPIGkReQOOXGe/cBAPlek5d9xzcXUn/D kY6jKmxe26CTws3ZkbK6Aa5Ey/qKAP0VuPQSCRxA7RKfcB/XrEphfUFkraL06Xn/xGwJ+D0hCw== Date: Fri, 15 Mar 2019 11:35:46 -0400 Message-ID: <87ftrow3ot.fsf@fifthhorseman.net> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Mar 2019 15:35:58 -0000 --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Fri 2019-03-15 10:50:34 -0300, David Bremner wrote: > Adam Majer writes: > >> The (my?) expectation is that a *.asc file is a detached signature.=20 >> That's why GPG is warning when it is not a detached signature. But I can= =20 >> live with .sha256.asc if there is no .sha256 ;) > > Right, aren't detached signatures preferred in general? Or am I > misremembering some gpg folklore? Detached signatures are recommended for several reasons: * They can handle non-textual data =20 * They are not confused by varying character sets/encodings of textual data * They clearly demarcate what is being signed (text documents with inline signatures can include arbitrary cruft before the signed text, or after the signature) * gpg (and gpgv)'s API has traditionally been ambiguous about what it means to say "gpg --verify foo.asc" depending on whether foo (without the ".asc") exists. This API "shortcut" has a nasty failure mode, because an attacker can ship you an arbitrary "foo" and an inline-signed document as "foo.asc". in that case, you might be surprised to find that while the signature verifies, it has nothing to do with "foo". I don't think these situations are relevant for the case of a signed sha256sum file verified in a sensible way: * we're dealing with textual data, guaranteed to be US-ASCII. Verifiers can explicitly make that assumption. * Modern versions of gpg (and gpgv) have an --output argument when validating a signature, making it much easier to see what specifically was signed, and avoiding any ambiguity about weird "foo.asc + unrelated foo" use cases (see my use of --output in the pipeline example upthread) Detached signatures have the additional disadvantage of having to juggle/coordinate more files when publishing or retrieving a new release. For the sake of shipping fewer files with each release, i think it makes sense to use a clearsigned *.sha256.asc. --dkg --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQTJDm02IAobkioVCed2GBllKa5f+AUCXIvGUgAKCRB2GBllKa5f +J+OAP9rd/ZOsVrTbzDG8Gdi+6b3+OFocjKVQvABwdYAOOhq3QD/Tlj8V1RrUSEv bZdKuNQhLUmT3jeLs1135wu+09OruwM= =kmml -----END PGP SIGNATURE----- --=-=-=--