On 16/05/15 08:36, Jim Perrin wrote:
>
>
> On 05/15/2015 02:49 PM, Matthew Miller wrote:
>> On Fri, May 15, 2015 at 03:44:39PM -0400, James B. Byrne wrote:
>>> What are the plans for the CentOS repos with respect to authentication
>>> and https everywhere? At the moment it is a trivial exercise to
>>> perform a MTM attack during a yum update over http.
>>
>> Since the packages themselves are signed, what risk are you concerned
>> about?
>>
>
> Not only are the packages signed, but we're now offering signed
> repository metadata as well.
>
> HTTPS is an incremental improvement, but is by no means a silver bullet.
> Look at the superfish fiasco if anyone thinks otherwise.
>
> The other side to this is many people update from outside .centos.org.
> Who's cert would you use for mirrors.kernel.org/centos/7/os/x86_64/ for
> example?
Agreed, MITM isn't a great problem as the packages are signed.
People monitoring your connection know what you've updated, and what you
haven't, thus knowing what you may be vulnerable to, is a problem. But
quite arguably not a great as problem as a MITM attack.
Pete.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
