On Thu, Jun 23, 2016 at 11:55 AM, Pauli Virtanen <pav@iki.fi> wrote:
> Thu, 23 Jun 2016 11:47:37 -0700, Nathaniel Smith wrote: [clip]
I believe the question was specifically about wheels that aren't being built by any of those three people though? But anyway, yeah, that is the main situation where this kind of package signing might help, and which I addressed in the second half of the email :-). But note that it would also work just as well to, say, keep a text file in the scipy repo that has the sha256 of every file uploaded to pypi. (Maybe even better, because someone who attacked pypi could delete the PGP signatures to confuse matters, and do you have backups?)
> How do I know one of these people pushed the commit that changed the checksums to the Scipy repository?
Because it was pushed by their SSH key at the same time as they were doing the release, and then replicated to people's computers all over the world, making it impossible for anyone (even them, or even people who later steal their SSH/PGP keys) to alter later without creating incriminating entries in 'git log'. (This doesn't even require trusting github, really, so long as you trust that the people doing the release *did* intentionally look at this file and add some entries -- as long as you know that they did, and you know that only one entry was ever made to the file, then it must have been their entry.)
> PGP signatures do add stronger guarantees than just trusting Github, provided you know the people whose keys are in question.
Sure, in some situations. The main points I wanted to make are just (a) PGP-signing releases is less important than many people think, because it only helps in certain narrow situations (like trying to do forensics after an exploit is noticed), and (b) for those particular situations, there are several options that work fine, so we shouldn't stress out about PGP signatures -- if they work, great, if not, then there are other options that have slightly different behavior in edge cases but that still address the same threat model in an adequate way.

-n

-- 
Nathaniel J. Smith -- https://vorpus.org
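The checksum-file scheme sketched in the message above (a text file of sha256 digests committed to the project repo, checked against what PyPI actually serves) is small enough to show end to end. The following is an added example, not code from this thread, from scipy or from any release tooling; the artifact names, their contents and the manifest format (the two-space `sha256sum` layout) are assumptions made for illustration. It covers both the releaser side (producing the file to commit) and the downloader side (verifying what was fetched), including the cases a verifier has to treat as failures: a digest mismatch, a file the manifest never listed, a listed file that is missing, and a manifest with two entries for the same name, which the message's "only one entry was ever made" argument depends on rejecting.

```python
"""Verify release artifacts against a sha256 manifest kept under version control.

Added example (not project code). Manifest format assumed: one entry per line,
"<64 hex digits><two spaces><filename>", as written by the sha256sum tool.
"""
import hashlib
import hmac
import re
from typing import Dict, Mapping

# One manifest line: 64 lowercase hex chars, two spaces, then the file name.
_ENTRY = re.compile(r"^([0-9a-f]{64})  (\S.*)$")


def sha256_hex(data: bytes) -> str:
    """Hex sha256 of an artifact's bytes."""
    return hashlib.sha256(data).hexdigest()


def build_manifest(artifacts: Mapping[str, bytes]) -> str:
    """Releaser side: the text the releaser commits alongside the upload.

    Entries are sorted so that re-generating the file yields a stable diff
    in 'git log' and an unexpected change stands out.
    """
    return "".join(
        f"{sha256_hex(data)}  {name}\n" for name, data in sorted(artifacts.items())
    )


def parse_manifest(text: str) -> Dict[str, str]:
    """Parse manifest text into {filename: expected_hex_digest}.

    Rejects malformed lines and duplicate file names outright: a second
    entry for the same artifact is exactly the kind of edit the history
    is supposed to make conspicuous, so it is an error, not an override.
    """
    expected: Dict[str, str] = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        match = _ENTRY.match(line)
        if not match:
            raise ValueError(f"manifest line {lineno}: malformed entry {line!r}")
        digest, name = match.groups()
        if name in expected:
            raise ValueError(f"manifest line {lineno}: duplicate entry for {name!r}")
        expected[name] = digest
    return expected


def verify(manifest_text: str, downloaded: Mapping[str, bytes]) -> Dict[str, str]:
    """Downloader side: classify every file as OK, MISMATCH, UNLISTED or MISSING.

    UNLISTED files (served by the index but absent from the committed
    manifest) and MISSING files (committed but not served) are both
    reported, because either one is a sign that the upload set and the
    release record have diverged.
    """
    expected = parse_manifest(manifest_text)
    result: Dict[str, str] = {}
    for name, data in downloaded.items():
        if name not in expected:
            result[name] = "UNLISTED"
        elif hmac.compare_digest(sha256_hex(data), expected[name]):
            result[name] = "OK"
        else:
            result[name] = "MISMATCH"
    for name in expected:
        if name not in downloaded:
            result[name] = "MISSING"
    return result


if __name__ == "__main__":
    # Constructed artifacts standing in for a wheel and an sdist (not real files).
    release = {
        "pkg-1.0-py3-none-any.whl": b"constructed wheel bytes A",
        "pkg-1.0.tar.gz": b"constructed sdist bytes",
    }
    manifest = build_manifest(release)
    print(manifest)
    print("clean download:", verify(manifest, release))
    # Simulate an index serving a swapped wheel under the original name.
    tampered = dict(release)
    tampered["pkg-1.0-py3-none-any.whl"] = b"constructed wheel bytes B"
    print("swapped wheel: ", verify(manifest, tampered))
```

What the script deliberately does not do is establish that the manifest itself is the one the releaser committed; as the message says, that part rests on the repository history (who pushed it, when, and whether the file has ever been edited), which a downloader checks with `git log` on the manifest path rather than with a hash.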