[OLPC Security] [Techteam] Crypto export and python-crypto

C. Scott Ananian cscott at laptop.org
Wed Jun 4 12:21:33 EDT 2008


I'm taking a time out from this thread for a bit.

Please take it as a given that using existing formats is preferable to
rolling your own, and concentrate on clearly writing up the security
details (what should be signed, by whom, how delegation might work)
and trying to find a set of minimal changes to existing mechanisms to
support these, instead of insisting that you must throw everything out
and start from scratch.  There is a large benefit to reusing existing
formats and making gradual changes, and this benefit far outweighs the
sort of minor quibbles you have been presenting.

In particular, the http://wiki.laptop.org/go/Activity_bundles spec
already has manifest and signature components specified, and IMO
separate standalone "translation packs" of the form saymindu has been
working on are a much better solution to the "independent translation"
problem than your elaborate system of signed and unsigned files.

Further, IMO group maintenance of an activity is best solved by simply
creating a keypair shared by all maintainers of the activity.  Yes,
this isn't as intellectually stimulating as an elaborate web of trust
of delegated signatures, but it is 95% as functional for much less
conceptual and implementation cost.  More elaborate group mechanisms
can be built on this simple base; we don't need to jump immediately to
an all-singing all-dancing solution.

Please show me that you can make small incremental improvements to the
existing codebase which we can discuss and evaluate independently.
The existing activity bundle spec has a very simple manifest and
signature mechanism specified.  Let's start by implementing that in
bundle-builder, and checking it in rainbow.  Then we can discuss more
elaborate mechanisms.

I look forward to seeing your code for this.  Please post it in
standard unified diff form to the security mailing list, with
'[PATCH]' in the subject line.  Include me in the cc to ensure I see
it.
 --scott

-- 
 ( http://cscott.net/ )

