From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <sourceware-bugzilla@sourceware.org>
Received: by sourceware.org (Postfix, from userid 48)
	id 8DECF3858D28; Mon,  7 Aug 2023 17:05:01 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 8DECF3858D28
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org;
	s=default; t=1691427901;
	bh=ubTe95bt99LEfqY1jPbOULyfOFeLqddOnVxSt2bPOnI=;
	h=From:To:Subject:Date:In-Reply-To:References:From;
	b=Dxz3jtxhgQfj33QX/5cPTvqCMW6Ynzpcu7R3w6NbuRMi4VYEQc9GjTtMCcynKis0C
	 zJVlaP378jPjvjNL5gIUeeMTCgLKukCLvgmt/vvR8AH3bkwI8Dl5523iO1CSBSt6ik
	 5Qu+TisKhF7VhZAUQJ8bCx2Sojlek4eaSNd3oadQ=
From: "fche at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: elfutils-devel@sourceware.org
Subject: [Bug debuginfod/28204] extend webapi / verification with forthcoming
 signed-contents archives
Date: Mon, 07 Aug 2023 17:04:55 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: elfutils
X-Bugzilla-Component: debuginfod
X-Bugzilla-Version: unspecified
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: normal
X-Bugzilla-Who: fche at redhat dot com
X-Bugzilla-Status: ASSIGNED
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: rgoldber at redhat dot com
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-28204-10460-LdioKXJBRM@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-28204-10460@http.sourceware.org/bugzilla/>
References: <bug-28204-10460@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
List-Id: <elfutils-devel.sourceware.org>

https://sourceware.org/bugzilla/show_bug.cgi?id=3D28204

--- Comment #18 from Frank Ch. Eigler <fche at redhat dot com> ---
> Doesn't that give a false sense of "security"?
> It still rejects some stuff, but doesn't really protect against "falsifyi=
ng"
> files, all a server has to do is not provide an IMA=20

Yes, but trusted servers won't just do that.

> If it is just to see what would happen if enabling ima file checking, then
> it probably shouldn't reject anything. In that case it should warn for bo=
th
> missing and invalid signatures, but still accept them.

The difference between missing and invalid is that the latter is KNOWN bad.
An invalid signature is evidence that the file has a problem.

--=20
You are receiving this mail because:
You are on the CC list for the bug.=