[Gpg4win-devel] Sicherheit der Downloads von der Website http://www.gpg4win.de/

[Marcus Brinkmann]

Instead of replying point by point, let me try a summary:

1) DNS is not the weak link in the chain here.

Attacks are possible but not easy.  Also, it is critical infrastructure of the
internet and many people are working on fixing its problems for us without us
doing anything.  Last but not least, we do not rely on DNS for authentication.
 So there is no problem here, at all.

2) Verifying the authenticity of the web server is not the same as verifying
the authenticity of the installer package.

The installer package can be distributed in other media, or the web server
could be attacked and the file changed.  It is important to be able to verify
the installer independently of the web page.

To be clear: The exe file is signed by a private key that is held by a
developer.  The web server private key is held by the web server on a public
network.  The exe signature tells you that the file passed unchanged from the
developer's hand to yours.  The web server's signature only tells you it
passed unchanged from the web server to your browser.

3) CAcert is not part of the trusted list of certificate authorities for many
vendors.

So the user would still need to be able to make a trust decision, but now even
more groups and indirections are involved.

4) The web of trust based on OpenPGP is much more reliable and resilient than
X.509 certificates and certificate authorities.

You say you need 4 eyes to trust an OpenPGP signature by Werner Koch, but you
are willing to trust signatures made by CAcert?  Makes no sense to me.  You
are probably underestimating the strength of OpenPGP and overestimating the
strength of X.509 certificates for HTTPS.

Even more bluntly: HTTPS is a *joke*. [1]

5) In response to Bernhard, who said that we will sign the exe file:  In the
light of how broken HTTPS is, I would be extremely reluctant to assign any
security value to signed exe files.

Chance is that the implementation is as buggy as for web browsers, and of
course all criticism of the public CA system apply here as well.  I consider
signing exe files a usability measure, not a security measure (it get rids of
a warning).

Thanks,
Marcus

[1] This deserves an explanation.  If you think that X.509 certificates
provide a value for HTTPS, then please answer a simple question for me: When
is a X.509 certificate valid for a given domain?  See the SSL attacks by Dan
Kaminsky and Moxie Marlinspike from last year for details.