On Thu, Apr 13, 2017 at 5:08 PM, William Roberts <bill.c.roberts(a)gmail.com> wrote:
> On Apr 13, 2017 14:05, "Paul Moore" <paul(a)paul-moore.com> wrote:
>> Unless Steve has exclusive administrative access to people.redhat.com
>> (I think it is safe to say he does not, but correct me if I'm wrong
>> Steve <b>) you can't trust an unsigned checksum regardless of how
>> strong the https cert/crypto as the web admin could still tamper with
>> the data.
>
> Sure possible, but not super plausible. You're putting some trust in the
> administration of that website to begin with.

Come on man, you're smarter than this :)
I only called out the malicious admin case, but there are other cases
where someone with malicious intent could tamper with the checksum.
Some quick examples: hacked webserver, MITM https proxy, etc.
--
paul moore
security @ redhat