From: James Bottomley <James.Bottomley@HansenPartnership.com>
To: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
Cc: Theodore Ts'o <tytso@mit.edu>, Jason Gunthorpe <jgg@ziepe.ca>,
Bjorn Andersson <bjorn.andersson@linaro.org>,
"Jason A. Donenfeld" <Jason@zx2c4.com>,
Linus Torvalds <torvalds@linuxfoundation.org>,
Geert Uytterhoeven <geert@linux-m68k.org>,
tools@linux.kernel.org, users@linux.kernel.org
Subject: Re: b4-0.9.0 available
Date: Fri, 24 Jun 2022 12:29:31 -0400 [thread overview]
Message-ID: <6af132556cf362d5af96c3ae742bb9b5d67bfccf.camel@HansenPartnership.com> (raw)
In-Reply-To: <20220624161639.y2edtlzmlmc4avkz@meerkat.local>
On Fri, 2022-06-24 at 12:16 -0400, Konstantin Ryabitsev wrote:
> On Fri, Jun 24, 2022 at 12:05:35PM -0400, James Bottomley wrote:
> > On Fri, 2022-06-24 at 11:52 -0400, Konstantin Ryabitsev wrote:
> > > - submitters will be required to register their ed25519 patch
> > > attestation key with the submission endpoint and
> > > cryptographically sign their patches (email roundtrip
> > > confirmation required to register).
> >
> > Can we please be less pejorative about crypto choices? ed25519 is
> > a fine curve, but lots of crypto HSMs which do elliptic curve don't
> > do Edwards signatures because they're very different from standard
> > ECDSA signatures. Those of us who take security seriously tend to
> > use HSMs for all our private keys and thus won't do ed25519 if the
> > HSM we use can't do it.
>
> This will be only required on the web submission endpoint, and only
> to begin with. Shelling out to call gpg or openssh from a web process
> is a lot more hairy than checking ed25519 signatures using PyNaCl,
> which is the only reason behind this restriction.
Sure, I won't use it, but it would be really nice to encourage
newcomers who do use it to also be more mindful of cryptographic
security ... particularly when this is a long lived identity token.
Using overly opinionated crypto libraries is inimical to general
security for two reasons: firstly because the crypto they mandate might
not be available to tokens and secondly (and NaCl is guilty of this)
because doing token support is hard so they mostly don't bother. It
always amazes me how otherwise perfectly reasonable crypto people have
a plank in their own eye about this.
James
next prev parent reply other threads:[~2022-06-24 16:29 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-17 19:01 b4-0.9.0 available Konstantin Ryabitsev
2022-06-20 8:40 ` Geert Uytterhoeven
2022-06-21 23:38 ` Linus Walleij
2022-06-22 5:49 ` Vinod Koul
2022-06-21 15:20 ` Geert Uytterhoeven
2022-06-21 15:29 ` Konstantin Ryabitsev
2022-06-21 15:41 ` Geert Uytterhoeven
2022-06-21 15:55 ` Linus Torvalds
2022-06-21 16:03 ` Jason A. Donenfeld
2022-06-21 16:59 ` Konstantin Ryabitsev
2022-06-21 17:49 ` Jason A. Donenfeld
2022-06-21 18:29 ` Konstantin Ryabitsev
2022-06-21 18:45 ` Jason A. Donenfeld
2022-06-21 19:27 ` Konstantin Ryabitsev
2022-06-21 19:42 ` Jason A. Donenfeld
2022-06-21 19:43 ` Geert Uytterhoeven
2022-06-21 19:50 ` Jason A. Donenfeld
2022-06-21 20:06 ` Konstantin Ryabitsev
2022-06-21 20:29 ` Jason A. Donenfeld
2022-06-21 21:25 ` Bjorn Andersson
2022-06-23 23:33 ` Theodore Ts'o
2022-06-24 13:51 ` Jason Gunthorpe
2022-06-24 15:29 ` Theodore Ts'o
2022-06-24 15:34 ` Mark Brown
2022-06-24 16:05 ` Theodore Ts'o
2022-06-24 15:52 ` Konstantin Ryabitsev
2022-06-24 16:05 ` James Bottomley
2022-06-24 16:16 ` Konstantin Ryabitsev
2022-06-24 16:29 ` James Bottomley [this message]
2022-06-24 16:06 ` Jason Gunthorpe
2022-06-24 16:16 ` Mark Brown
2022-06-24 17:51 ` Chuck Lever
2022-06-24 8:34 ` Nicolas Ferre
2022-06-21 15:53 ` Jason A. Donenfeld
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6af132556cf362d5af96c3ae742bb9b5d67bfccf.camel@HansenPartnership.com \
--to=james.bottomley@hansenpartnership.com \
--cc=Jason@zx2c4.com \
--cc=bjorn.andersson@linaro.org \
--cc=geert@linux-m68k.org \
--cc=jgg@ziepe.ca \
--cc=konstantin@linuxfoundation.org \
--cc=tools@linux.kernel.org \
--cc=torvalds@linuxfoundation.org \
--cc=tytso@mit.edu \
--cc=users@linux.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.