incubator-ooo-dev mailing list archives

From Robert Burrell Donkin <robertburrelldon...@gmail.com>
Subject Re: Shutdown of the "download.services.openoffice.org" host and its Mirrorbrain instance
Date Tue, 25 Oct 2011 15:05:31 GMT
On Tue, Oct 25, 2011 at 1:38 PM, Christian Lohmaier
<cloph@openoffice.org> wrote:
> Hi Robert, *,
>
> On Tue, Oct 25, 2011 at 2:15 PM, Robert Burrell Donkin
> <robertburrelldonkin@gmail.com> wrote:
>> On Tue, Oct 25, 2011 at 12:36 PM, Christian Lohmaier
>> <cloph@openoffice.org> wrote:
>>> [...]
>>> That doesn't make sense - integrity is assured by bittorrent by
>>> providing sha1sums for each chunk. And authenticity can be assured
>>> just like it is with regular releases - just include a corresponding
>>> signature file within the torrent.
>>
>> Better to download the signature over HTTPS but yes, I see no reason
>> why this approach could not be made to work
>
> With signature I meant a real signature (gpg signature), not a md5sum
> or sha1sum file.
> When it is a cryptographic signature, it doesn't matter how you
> download it, as it cannot be faked.
> (of course the user has to get the proper key, but that's a different issue)

FWIW it's a defense in depth measure[1]

>>>> I may have dreamed it or I am mixing this up with something else.
>>>
>>> If those were the only reasons, then they were made-up arguments.
>>
>> When engaging with Infrastructure, expect to be challenged and to have
>> to defend any proposal. These lists are open, so expect a range of
>> cluefulness from contributors. The best way to impress the core
>> infrastructure team is for plenty of clueful people from a project to
>> show up and defend the proposal with well-researched arguments. Giving
>> up and going away is the surest way to lose the argument...
>
> With OOo the tracker network[1] was run independently anyway and not
> hosted on the Oracle or OSUOSL hosted infrastructure. The main tracker
> was Mike's at utwente, and that mirror also was the initial/main seed
> for all the releases. There were other trackers linked together via a
> tracker-hub (backup tracker as well as the hub were provided by
> Harold).
>
> So it is not a matter of infrastructure, but a matter of policy.

Where's the URL for this policy?

Robert

[1] Consider an attacker with some ability to fabricate convincing
signatures. Downloading the signature from a trusted server means that
such an attacker would need to replace an existing signature on secure
hardware without detection. The small increase in traffic is a small
price to pay for this additional defense in depth.
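
Added example, not part of the original message or of any project tooling: a Python sketch of the two checks discussed in this thread, the per-piece SHA-1 check that travels with the torrent and an independent check against a value fetched from a trusted server. Assumptions: a pinned SHA-256 digest stands in for the detached GPG signature check (which needs a keyring), and the function names, piece size and sample payloads are constructed for illustration.

```python
import hashlib
import hmac

PIECE_LEN = 16  # tiny piece size for the demo; real torrents use far larger pieces


def piece_hashes(data: bytes, piece_len: int = PIECE_LEN) -> list:
    """SHA-1 of each fixed-size piece, as carried in the torrent metadata."""
    return [hashlib.sha1(data[i:i + piece_len]).digest()
            for i in range(0, len(data), piece_len)]


def bad_pieces(data: bytes, expected: list, piece_len: int = PIECE_LEN) -> list:
    """Indexes of pieces whose hash differs from the metadata (all if counts differ)."""
    actual = piece_hashes(data, piece_len)
    if len(actual) != len(expected):
        return list(range(max(len(actual), len(expected))))
    return [i for i, (a, e) in enumerate(zip(actual, expected)) if a != e]


def verify_download(data: bytes, torrent_pieces: list, trusted_sha256: str) -> tuple:
    """Return (pieces_ok, matches_trusted): the in-band and the out-of-band check."""
    pieces_ok = not bad_pieces(data, torrent_pieces)
    digest = hashlib.sha256(data).hexdigest()
    return pieces_ok, hmac.compare_digest(digest, trusted_sha256)


def demo() -> dict:
    release = b"constructed sample release payload " * 3      # constructed input
    torrent = piece_hashes(release)                           # genuine metadata
    trusted = hashlib.sha256(release).hexdigest()             # fetched separately

    damaged = bytearray(release)
    damaged[20] ^= 0xFF                                       # one byte altered in transit

    other = b"constructed substitute payload, not the release"
    other_torrent = piece_hashes(other)                       # metadata replaced as well

    return {
        "genuine": verify_download(release, torrent, trusted),
        "damaged_pieces": bad_pieces(bytes(damaged), torrent),
        "damaged": verify_download(bytes(damaged), torrent, trusted),
        "substituted": verify_download(other, other_torrent, trusted),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The piece hashes catch the damaged transfer, but only the separately obtained value distinguishes the case where the content and its accompanying metadata were replaced together.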
