[Catalog-sig] Proposal: Move PyPI static data to the cloud for better availability
"Martin v. Löwis"
martin at v.loewis.de
Wed Jun 16 08:09:58 CEST 2010
> I'm not clear on this and the document is a little vague, so perhaps
> I should be perusing the source, but if you don't protect against a
> serverkey MITM and you are supposed to update the serverkey any
> time a signature doesn't match up, couldn't an attacker just MITM
> you, produce a known bad signature, and then wait for you to
> request a serverkey from them?
That's true; transmission of the serverkey is not currently protected
against MITM. How would you suggest to fix that?
As for perusing the source: the client behavior is not implemented yet,
so there isn't really any source to check, yet.
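The attack described in the quoted question, and one fix for it, as an added example that is not part of this thread and not code from PyPI or its client: the script below models two client policies for handling a serverkey. Policy A re-fetches the serverkey from the network whenever a signature fails, so an attacker who can tamper with the connection can serve a bad signature and then hand the client a key of their own. Policy B only accepts a serverkey whose fingerprint matches a value obtained out of band, and rejects everything else. The textbook RSA with tiny primes, the `/serverkey` and `/simple/pkg` paths, and the metadata strings are all constructed stand-ins for whatever the real scheme would use.

```python
import hashlib
from typing import Optional

# Toy textbook RSA (constructed for illustration only: tiny primes, no
# padding). It stands in for the real signature scheme; the key-acceptance
# policy below is the point, not the arithmetic.
def toy_keypair(p: int, q: int, e: int):
    n, phi = p * q, (p - 1) * (q - 1)
    pub = {"n": n, "e": e}
    priv = {"n": n, "e": e, "d": pow(e, -1, phi)}
    return pub, priv

LEGIT_PUB, LEGIT_PRIV = toy_keypair(61, 53, 17)   # the genuine serverkey
MITM_PUB, MITM_PRIV = toy_keypair(53, 59, 3)      # hypothetical attacker's key

def digest(msg: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(priv: dict, msg: bytes) -> int:
    return pow(digest(msg, priv["n"]), priv["d"], priv["n"])

def verify(pub: dict, msg: bytes, sig: int) -> bool:
    return pow(sig, pub["e"], pub["n"]) == digest(msg, pub["n"])

def fingerprint(pub: dict) -> str:
    # Fingerprint over the canonical public-key encoding (constructed format).
    return hashlib.sha256(f'{pub["n"]}:{pub["e"]}'.encode()).hexdigest()

# Constructed package metadata: what the server really publishes, and what a
# man-in-the-middle substitutes.
GENUINE_META = b"pkg==1.0 sha256=<constructed-genuine-digest>"
TAMPERED_META = b"pkg==1.0 sha256=<constructed-attacker-digest>"

def fetch(path: str, mitm: bool):
    """Simulated network. With mitm=True every response is attacker-controlled:
    tampered metadata signed by the attacker, and the attacker's public key
    served in place of the real serverkey."""
    if mitm:
        responses = {"/serverkey": MITM_PUB,
                     "/simple/pkg": (TAMPERED_META, sign(MITM_PRIV, TAMPERED_META))}
    else:
        responses = {"/serverkey": LEGIT_PUB,
                     "/simple/pkg": (GENUINE_META, sign(LEGIT_PRIV, GENUINE_META))}
    return responses[path]

def refetch_on_mismatch_client(mitm: bool) -> Optional[bytes]:
    """Policy A: the client starts with the genuine key cached, but on any
    signature failure it replaces that key with whatever /serverkey returns,
    without authenticating the new key. Returns accepted metadata or None."""
    serverkey = LEGIT_PUB
    meta, sig = fetch("/simple/pkg", mitm)
    if not verify(serverkey, meta, sig):
        serverkey = fetch("/serverkey", mitm)   # unauthenticated key update
        if not verify(serverkey, meta, sig):
            return None
    return meta

PINNED_FP = fingerprint(LEGIT_PUB)   # obtained out of band, e.g. shipped with the client

def pinned_client(mitm: bool, pinned_fp: str = PINNED_FP) -> Optional[bytes]:
    """Policy B: a serverkey is usable only if its fingerprint matches the
    pinned value. A key that fails the pin is rejected, so a bad signature
    cannot be "repaired" by fetching a replacement key from the network."""
    serverkey = fetch("/serverkey", mitm)
    if fingerprint(serverkey) != pinned_fp:
        return None
    meta, sig = fetch("/simple/pkg", mitm)
    return meta if verify(serverkey, meta, sig) else None

if __name__ == "__main__":
    for mitm in (False, True):
        print(f"mitm={mitm}: policy A accepted {refetch_on_mismatch_client(mitm)!r}")
        print(f"mitm={mitm}: policy B accepted {pinned_client(mitm)!r}")
```

Without a man-in-the-middle both policies accept the genuine metadata. Under policy A the attacker's tampered metadata is accepted as soon as the client "updates" its serverkey; under policy B the substituted key fails the pin and nothing is installed. Rotating a pinned key then needs its own authenticated path (for example a new key signed by the old one, or a new pin shipped with a client release) rather than a bare re-fetch.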