[SciPy-Dev] [Numpy-discussion] scipy 0.18 release candidate 1

Nathaniel Smith njs at pobox.com
Thu Jun 23 15:17:36 EDT 2016


On Thu, Jun 23, 2016 at 11:55 AM, Pauli Virtanen <pav at iki.fi> wrote:
> Thu, 23 Jun 2016 11:47:37 -0700, Nathaniel Smith kirjoitti:
> [clip]
>> I believe the question was specifically about wheels that aren't being
>> built by any of those three people though? But anyway, yeah, that is the
>> main situation where this kind of package signing might help, and which
>> I addressed in the second half of the email :-). But note that it would
>> also work just as well to, say, keep a text file in the scipy repo that
>> has the sha256 of every file uploaded to pypi. (Maybe even better,
>> because someone who attacked pypi could delete the PGP signatures to
>> confuse matters, and do you have backups?)
>
> How do I know one of these people pushed the commit that changed the
> checksums to the Scipy repository?

Because it was pushed by their SSH key at the same time as they were
doing the release, and then replicated to people's computers all over
the world, making it impossible for anyone (even them, or even people
who later steal their SSH/PGP keys) to alter later without creating
incriminating entries in 'git log'. (This doesn't even require
trusting github, really, so long as you trust that the people doing
the release *did* intentionally look at this file and add some entries
-- as long as you know that they did, and you know that only one entry
was ever made to the file, then it must have been their entry.)

> PGP signatures do add stronger guarantees than just trusting Github,
> provided that you know the people whose keys are in question.

Sure, in some situations. The main points I wanted to make are just
(a) PGP-signing releases is less important than many people think,
because it only helps in certain narrow situations (like trying to do
forensics after an exploit is noticed), and (b) for those particular
situations, there are several options that work fine, so we shouldn't
stress out about PGP signatures -- if they work, great, if not, then
there are other options that have slightly different behavior in edge
cases but that still address the same threat model in an adequate way.

-n

-- 
Nathaniel J. Smith -- https://vorpus.org
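One way to implement the checksum-file scheme Nathaniel describes (a text file in the repo listing the sha256 of every uploaded artifact, with exactly one entry per file), as an added example that is not part of the original thread or of SciPy's own release tooling. The artifact names and bytes are constructed stand-ins, and the "sha256  filename" line format is an assumption.

```python
import hashlib
import re
from collections import defaultdict

# Constructed stand-ins for release artifacts; real wheels are not embedded.
ARTIFACTS = {
    "scipy-0.18.0rc1-cp35-cp35m-manylinux1_x86_64.whl": b"constructed wheel payload A",
    "scipy-0.18.0rc1.tar.gz": b"constructed sdist payload B",
}
LINE_RE = re.compile(r"^([0-9a-f]{64})\s+(\S+)$")

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def render_checksums(artifacts: dict) -> str:
    """Emit one 'sha256  filename' line per uploaded file (assumed format);
    this is the record a releaser would commit alongside the release."""
    return "\n".join(f"{sha256_hex(d)}  {n}" for n, d in sorted(artifacts.items()))

def parse_checksums(text: str) -> dict:
    """Map filename -> list of distinct digests recorded for it.
    The file is meant to be append-only with one entry per file, so a
    second digest for the same name means the record was altered later."""
    entries = defaultdict(list)
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = LINE_RE.match(line)
        if not m:
            raise ValueError(f"malformed checksum line: {raw!r}")
        digest, name = m.groups()
        if digest not in entries[name]:
            entries[name].append(digest)
    return dict(entries)

def conflicting_entries(entries: dict) -> list:
    """Filenames with more than one recorded digest: the forensic signal
    that someone rewrote history instead of appending."""
    return sorted(n for n, ds in entries.items() if len(ds) > 1)

def verify(name: str, data: bytes, entries: dict) -> bool:
    """A download is accepted only if its name has exactly one recorded
    digest and the downloaded bytes hash to it."""
    digests = entries.get(name)
    return digests is not None and len(digests) == 1 and sha256_hex(data) == digests[0]

CHECKSUMS = render_checksums(ARTIFACTS)
```

In practice the conflict check is run against the file as it appears across the git history (every version of it), not just the current checkout, since a rewrite that replaces a line leaves only one digest in the latest copy.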


