Re: [T(A)ILS-dev] doc: verify the iso image

Nachricht löschen

Nachricht beantworten
Autor: intrigeri
Datum:  
To: The Tails public development discussion list
Betreff: Re: [T(A)ILS-dev] doc: verify the iso image
Hi,

sajolida wrote (23 Apr 2011 21:10:47 GMT) :

> 1. Since SHA-256 checking and OpenPGP validity check without WoT can
>    be put at the same level: basically trusting tails.boum.org, we
>    could choose to document only one of the two solutions.


Agreed.

>    And the easiest to document well is SHA-256 ;) I didn't do it yet
>    but in the end I'm in favour of removing the "Using our OpenPGP
>    key" option from this first part.


Seems to me both techniques involve the same steps (downloading an
additional file, cd'ing to the right directory, running a command)
=> I fail to see why SHA-256 is easier to document.

Moreover:

1. GNOME users can even get a right-click interface in Nautilus for
OpenPGP detached signature checking.
2. Documenting the OpenPGP way paves the road to the more serious
WoT-based method... and other OpenPGP uses we may want to promote,
such as Monkeysphere.

=> I'm rather in favour of removing the SHA-256 method.

> 2. Since going through WoT checks on Tails' key not only depends on
> technical knowledge but also on human interaction, real-life checks,
> etc. I decided not to write a technical howto but rather an explanation
> of the trust model issue, a broad picture on how could the WoT solve
> this and hints on how to start building a trust path to Tails' key.


Seems great to me.

> I'm wondering now whether to include here in some form the technical
> howto from the previous "Using our OpenPGP key". I thought that :
> - people knowledgeable enough about OpenPGP to get and check a trust
> path to Tails would probably be able to do that on their own, and
> - we won't be able to give a full GnuPG training to people who are not
> used to OpenPGP in our little howto and they would anyway need to
> establish real-life contacts with other OpenPGP-savvy people in order to
> get into the WoT.


Agreed.

> In the end I find my whole WoT explanation a bit absurd but don't really
> know what to do about it.


The LUG thing is the only part that sounds a bit funny to my hear, the
rest is pretty good I think. Anyway: sure, all we can do is provide
hints to the ones who would like to learn the WoT way. The LUG thing
is one hint. A few others may be worth mentionning too.

Did you consider suggesting Debian / Ubuntu users to go through the
Debian keyring to bootstrap a trust-path to our key, that is signed by
at least two Debian developers? E.g.:

  sudo apt-get install debian-keyring
  gpg --keyring=/usr/share/keyrings/debian-keyring.gpg --export CCD2ED94D21739E9 \
    | gpg --import


(Micah's key is outdated and expired in current debian-keyring
package, this is why the above example uses dkg's key instead.)

Another (not perfect either) way to get our pubkey would be to
download it several times, from several systems and locations, and
make sure the end-result is consistent. Hard to explain, sure, and the
ones who would do so may already know how and why to do it.

What may be made clear is: establishing a trust-path may be painful,
but it only needs to be done once.

Bye,
--
intrigeri <intrigeri@???>
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
| The impossible just takes a bit longer.