[Commotion-dev] Commotion download security

Dan Staples danstaples at opentechinstitute.org
Fri Oct 19 21:05:43 UTC 2012 

I'd like to bring up the issue of how to best give users the ability to
verify the integrity and authenticity of Commotion binaries and source
code they download from the website.  Currently, our redmine provides
md5 checksums of our OpenWRT images.  Without even getting into the
weaknesses of the md5 algorithm (which may or may not be relevant here),
a checksum doesn't let the user verify that the image they download is
in fact authentic (e.g. in the case of a man-in-the-middle attack or a
compromised server).

The TAILS project provides the PGP signature of their ISO image on their
download page (https://tails.boum.org/download/index.en.html).  I like
this approach because the user is able to check both the integrity and
authenticity of their download.  What would folks think about using a
PGP signature instead or in addition to an md5 checksum?  Another ideas
is that we could instruct users to use web of trust and public key
servers to retrieve and verify the PGP signing key, instead of getting
it from our website.  Of course, this brings up the question of who
would own and manage the signing key for Commotion...

Finally, attached is a screenshot of a Downloads page for the Commotion
website I'm putting together.  Right now it just has OpenWRT, but
Android will also be added.  If anyone has suggestions for what else
should go on the page or what should be different, please let me know. 
Here (or maybe elsewhere?) we could also list the features that are in
development or planned, but aren't a part of the core Commotion
repositories (like OLSRd plugins), and there would be links out to these
sub-projects.

Dan Staples

-- 
Dan Staples
Program Associate, Open Technology Institute
New America Foundation

-------------- next part --------------
A non-text attachment was scrubbed...
Name: Download-page.screenshot.png
Type: image/png
Size: 234307 bytes
Desc: not available
URL: <http://lists.chambana.net/pipermail/commotion-dev/attachments/20121019/e7f082de/attachment-0001.png>

More information about the Commotion-dev mailing list