Re: [Tails-dev] [liberationtech] secure download tool - does…

Nachricht löschen

Nachricht beantworten
Autor: intrigeri
Datum:  
To: liberationtech
CC: tails-dev
Betreff: Re: [Tails-dev] [liberationtech] secure download tool - doesn't exist?!?
Hi,

adrelanos wrote (01 Jul 2013 18:03:01 GMT) :
> Goal:


> - big file downloads
> - at least as secure as TLS
> - at least as simple as a regular download using a browser
> - not using TLS itself (too expensive) for bulk download


> The problem: [...]


+ verify that the signed file you've downloaded is actually the
version you intended to download, and not an older, also properly
signed one.

See tools that take this into account:
  - Thandy (already mentioned by Moritz)
  - our design for incremental updates:
    https://tails.boum.org/todo/incremental_upgrades/
  - TUF:
    https://www.updateframework.com/


Other than this, our current take on it is, I believe, making it
easier to verify OpenPGP detached signatures. E.g. we're working to
make it work flawlessly on the GNOME desktop.

Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc