* Peter Pentchev <r...@ringlet.net> [2011-09-11 02:50]:
> I also wonder why is it that nobody has so far brought up
> another important consequence of using SSL, at least with
> a trusted certificate at the other end - protection from not
> just eavesdropping, but also man-in-the-middle attacks. Yes, it
> seems kind of... weird... to think of MITM attacks against
> MetaCPAN, but with just a little bit of further thinking, it's
> not all *that* weird - and now you've all started me wondering
> how difficult it would be to "catch" an HTTP file transfer of
> a previously unknown Perl module out of the air, hijack it,
> unpack the tarball, add a couple of lines to Build.PL (or
> Makefile.PL or whatever), repack it and pass it on down the
> line :)
>
> No, of course I'm not going to seriously sit down and write
> code doing that. Still... I really wonder why no one brought
> MITM attacks up yet :)

I think in this particular scenario you mentioned, SSL is the
wrong layer at which to solve the problem. CPAN clients download
from the CPAN mirror network, in general. Some sort of code
signing should be baked into them (in fact there is, but it has
a number of problems in its current form that I don’t remember
off hand, so that nobody is using it in anger).

But more generally your point is a good one.

Regards,
-- 
Aristotle Pagaltzis // <http://plasmasturm.org/>
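The point above, that signatures on the release itself protect against a tampered mirror or an on-path modification in a way transport encryption does not, can be shown end to end. The following is an added example, not code from this thread, the CPAN toolchain, or its existing signing scheme: a publisher signs a manifest (distribution name plus SHA-256 of the exact tarball bytes) with an Ed25519 key, and the client verifies against a pinned public key. The key seeds, the "tarball" bytes and the tampering (a line appended to the archive, as in the scenario quoted above) are all constructed for the demonstration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Manifest is the statement a publisher signs about one release: the
// distribution name and the SHA-256 of the exact tarball bytes. The
// signature covers this manifest, independent of how the bytes travel.
type Manifest struct {
	Dist   string
	SHA256 string
}

// canonical serialises the manifest deterministically so signer and
// verifier sign/verify identical bytes.
func canonical(m Manifest) []byte {
	return []byte(m.Dist + "\n" + m.SHA256 + "\n")
}

// SignRelease is the publisher side: hash the tarball, build the manifest,
// sign the manifest with the publisher's private key.
func SignRelease(priv ed25519.PrivateKey, dist string, tarball []byte) (Manifest, []byte) {
	sum := sha256.Sum256(tarball)
	m := Manifest{Dist: dist, SHA256: hex.EncodeToString(sum[:])}
	return m, ed25519.Sign(priv, canonical(m))
}

// VerifyRelease is the client side. Only the pinned public key is trusted,
// so neither a mirror nor an on-path party can alter the tarball or the
// manifest without the check failing.
func VerifyRelease(pinned ed25519.PublicKey, m Manifest, sig, tarball []byte) error {
	if !ed25519.Verify(pinned, canonical(m), sig) {
		return errors.New("manifest signature invalid")
	}
	sum := sha256.Sum256(tarball)
	if hex.EncodeToString(sum[:]) != m.SHA256 {
		return errors.New("tarball hash does not match signed manifest")
	}
	return nil
}

// Scenario records the outcome of each client-side check in RunScenario.
type Scenario struct {
	Genuine     error // untouched release, signed by the pinned key: expect nil
	Tampered    error // tarball modified after signing: expect an error
	WrongSigner error // release signed by a key the client does not pin: expect an error
}

// RunScenario plays the exchange on constructed data. The seeds are fixed
// constants so the run is deterministic; real keys would come from a CSPRNG.
func RunScenario() Scenario {
	publisherSeed := []byte("constructed-publisher-seed-32-by") // 32 bytes
	strangerSeed := []byte("constructed-stranger-seed-32-byt")  // 32 bytes
	publisher := ed25519.NewKeyFromSeed(publisherSeed)
	stranger := ed25519.NewKeyFromSeed(strangerSeed)
	pinned := publisher.Public().(ed25519.PublicKey)

	// Constructed stand-in for a distribution tarball.
	tarball := []byte("Build.PL: use Module::Build; Module::Build->new(...)->create_build_script;\n")
	manifest, sig := SignRelease(publisher, "Some-Module-1.00", tarball)

	// Modification after signing, as in the scenario discussed in the thread.
	tampered := append(append([]byte{}, tarball...), []byte("# line added in transit\n")...)

	// A release signed by some other key: the client does not pin it.
	strangerManifest, strangerSig := SignRelease(stranger, "Some-Module-1.00", tarball)

	return Scenario{
		Genuine:     VerifyRelease(pinned, manifest, sig, tarball),
		Tampered:    VerifyRelease(pinned, manifest, sig, tampered),
		WrongSigner: VerifyRelease(pinned, strangerManifest, strangerSig, tarball),
	}
}

func main() {
	s := RunScenario()
	fmt.Println("genuine release:", s.Genuine)
	fmt.Println("tampered tarball:", s.Tampered)
	fmt.Println("unpinned signer:", s.WrongSigner)
}
```

The design choice worth noting is that the client pins the publisher's key rather than trusting whatever key arrives alongside the tarball; a signature from an unpinned key is rejected exactly like a missing one, which is what distinguishes code signing from relying on the mirror's TLS certificate.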
