[Python-Dev] PEP 427 comment: code signing

Daniel Holth dholth at gmail.com
Thu Oct 18 21:37:15 CEST 2012 

On Thu, Oct 18, 2012 at 2:21 PM,  <martin at v.loewis.de> wrote:
> I'm -1 on the usage of ed25519 in PEP 427. While the PEP proposes to use
> JSON
> Web signatures, this algorithm is not supported by the current JWS draft
> [1].
>
> Instead, I suggest to use the ES256 algorithm from JWS, i.e. ECDSA with the
> NIST P-256 curve and SHA-256. This has the advantage of using standard
> algorithms [2].
>
> I don't know what the rationale for suggesting ed25519 is; I suppose that
> existence of a pure-Python implementation played a role. However:
> - ECDSA also has a pure-Python implementation
> - ECDSA is well-supported by OpenSSL, i.e. a signature generator may also
>   invoke the OpenSSL command line for efficient implementation. I believe
>   M2Crypto also exposes enough of OpenSSL tp perform ECDSA signing and
>   verification.
>
> I'm -0 on the use of JWS; I would prefer a signature format that is already
> an established internet standard (such a PGP or S/MIME). However, it does
> look
> that this may become a proper internet standard in the near future, so it's
> an ok choice.
>
> If it really must be ed25519, I request that this is registered with IANA
> once the PEP is accepted, the RFC is accepted, and the JWS algorithm
> registry is open.

I expected ed25519 to be somewhat controversial. I will register it
with IANA when possible. I chose it because ed25519 is fast enough
that you need never consider dis-using it for performance reasons. The
wheel reference implementation includes a reasonably performant
~250-line pure-Python version*. Unlike ECDSA, signature generation
does not consume entropy; this feature of ECDSA broke the Playstation
3's code signing system.

JWS is likewise tiny to implement, so the wheel reference installer
always can and does verify the internal consistency of every signed
wheel.

S/MIME signatures are allowed as a courtesy to a government contractor
friend but are not implemented.

* https://bitbucket.org/dholth/wheel/src/tip/wheel/signatures
* http://ed25519.cr.yp.to

More information about the Python-Dev mailing list