Fedora User Certificates

Fri Aug 22 18:03:50 EDT 2008

On Fri, 22 Aug 2008, John Gilmore wrote:

>
> Let's suppose the servers were broken into and severely compromised. (*)
> What could the miscreants have done that would invalidate every
> end-user's existing client certificate?
>
> There was no break-in to the clients.  Why should the clients need to
> replace anything?  Has the server lost its ability to validate the
> signature on the client certs?
>
> There may be large amounts of hassle coming for every Fedora end-user
> who wants to be able to download only signed packages (if, out of what
> they describe as an abundance of caution, Fedora changes the signing
> key for the whole distro).  But why also make unnecessary(**) hassle
> for every Fedora developer?
>
>        John
>
> (*) The last posting on the subject,
> https://www.redhat.com/archives/fedora-announce-list/2008-August/msg00012.html
> says rather that it was a relatively minor intrusion -- but let's assume
> an even worse one.
>
> (**)  It's hard for the external community to know what's necessary and
> what's unnecessary, since the core team is only letting small amounts of
> info trickle out, in odd orders (like "change all your client certs"
> before "here's why").

John,

the Fedora/RedHat people have said some things.

they have said that the servers were broken into
they have said that the keys are comprimized
they have said that the passphrases for the keys have _not_ been 
comprimized (based on their audit that they were not used during the time 
the server was known to be comprimized)
they have said that they are going to replace all the keys anyway 'just in 
case'
they have said that due to past mistakes in how keys were dealt with they 
can't just revoke the keys in question, so they have opted to throw away 
the entire Certificate Authority and create a new one.
the e-mails that you are replying to are PGP signed.

the big problem with any PKI is 'who do you trust to sign the other keys?'

some people choose to trust commercial companies (verisign and others) who 
are known to have mishandled keys in the past and who want lots of money 
to do the signature.

other people (including, but by no means limited to RedHat) choose to 
do this themselves, on the basis that for their much more limited purposes 
it is more secure to not leave their users security in the hands of other 
companies.

if you want to argue that RedHat should have been paying 6 figures/year to 
verisign to gain the ability to issue keys that are then blessed by 
verisign you can (I happen to disagree with you), but they didn't and this 
is one of the things that can happen.

there is also information outside of this e-mail about what's going on 
here. LWN has information up at http://lwn.net/Articles/295134/

your initial observation that this is scarely similar to a phishing e-mail 
is correct, and it sounds as if Dennis has acknowledged it, but there's no 
need to keep beating him up over this.

David Lang