On Sat, 23 Apr 2022 13:54:59 +0200, Ansgar <ans...@43-1.org> wrote:
>On Sat, 2022-04-23 at 12:21 +0200, Marc Haber wrote:
>> >Is the presence of shim-signed on the install media enough to make
>> >people feel somehow contaminated?
>>
>> I think so, yes. Personally, I don't care too much but I can
>> understand why some people might.
>
>Why?

If only I knew. I myself don't feel too comfortable to rely on Microsoft
being able to pull the plug on us any time. I don't know whether they
can, but I imagine some kind of revocation mechanism being in place.

And it's another layer of indirection. While RFC compliant (1925, 6a)
this introduces another possible attack vector since shim-signed might
have to do its own check about the kernel to load. I do not know zilch
about the shim, but this might be an issue for people.

> Because it contains a third-party signature for which the private
>key is not included in Debian? The same is true for signatures in
>debian-archive-keyring, debian-keyring, ca-certificates, wireless-
>regdb, and many other packages.

A running system doesn't rely on any of those.

>If we were to include more signatures in binary packages (e.g., a
>signed manifest listing files (with hashes) shipped by the package,
>signed executables, an embedded signature for the .deb itself), would
>that be a problem?
>
>We do include signatures for source packages (*.dsc and also for
>upstream tarballs) as well.

I would LOVE to have an easier possibility to check the actual
uploader's signature for anything in the archive short of squatting on
every changes file ever visible.

>> We can compile shim-signed and compare the signed code with our own
>> object code, can't we? That way we would only have to worry about the
>> validity and benignness of the signature and not worry about having
>> undocumented functionality in the signed code.
>
>Debian's buildds build shim (binary package: shim-unsigned); the binary
>generated by Debian is then signed by Microsoft's key.

And we have a mechanism to check whether the code is actually the same?

Greetings
Marc
-- 
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber         |   " Questions are the         | Email address in header
Mannheim, Germany  |     Beginning of Wisdom "     |
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Phone: *49 621 72739834
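
One way to do the comparison asked about above, as an added example that is not part of the original message and not Debian's own tooling: hash each PE image while skipping the three regions an Authenticode signer changes (the CheckSum field, the certificate-table directory entry, and the appended certificate table), then compare the digests. The names `unsigned_view`, `same_code`, `make_pe` and `attach_signature` are hypothetical, the sample images are constructed, and the check assumes the signer added no alignment padding before the certificate table.

```python
import hashlib
import struct

def unsigned_view(pe: bytes) -> bytes:
    """Return the file minus CheckSum, cert-table directory entry and cert table."""
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[:2] != b"MZ" or pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    opt = e_lfanew + 4 + 20                       # optional header follows COFF header
    (magic,) = struct.unpack_from("<H", pe, opt)
    if magic not in (0x10B, 0x20B):               # PE32 / PE32+
        raise ValueError("unknown optional header magic")
    dirs = opt + (96 if magic == 0x10B else 112)  # start of the data directories
    (ndirs,) = struct.unpack_from("<I", pe, dirs - 4)
    if ndirs < 5:
        raise ValueError("no certificate-table directory entry")
    checksum, cert_dir = opt + 64, dirs + 4 * 8   # directory index 4 = certificates
    cert_off, cert_len = struct.unpack_from("<II", pe, cert_dir)
    end = len(pe)
    if cert_len:
        # Refuse layouts where data could hide after or before the table.
        if cert_off + cert_len != len(pe) or cert_off < cert_dir + 8:
            raise ValueError("certificate table is not at end of file")
        end = cert_off
    return pe[:checksum] + pe[checksum + 4:cert_dir] + pe[cert_dir + 8:end]

def same_code(a: bytes, b: bytes) -> bool:
    """True when two images differ only in the signature-related regions."""
    digest = lambda pe: hashlib.sha256(unsigned_view(pe)).digest()
    return digest(a) == digest(b)

def make_pe(code: bytes) -> bytes:
    """Constructed PE32+ header skeleton for the demo (not a loadable binary)."""
    pe = bytearray(0x200)
    pe[:2] = b"MZ"
    struct.pack_into("<I", pe, 0x3C, 0x80)        # e_lfanew
    pe[0x80:0x84] = b"PE\0\0"
    struct.pack_into("<H", pe, 0x98, 0x20B)       # optional header magic
    struct.pack_into("<I", pe, 0x98 + 108, 16)    # NumberOfRvaAndSizes
    return bytes(pe) + code

def attach_signature(pe: bytes, blob: bytes) -> bytes:
    """Mimic what a signer changes; blob is a constructed stand-in signature."""
    out = bytearray(pe + blob)
    struct.pack_into("<I", out, 0x98 + 64, 0xDEADBEEF)            # new CheckSum
    struct.pack_into("<II", out, 0x98 + 144, len(pe), len(blob))  # cert directory
    return bytes(out)
```
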