Simon Josefsson simon@josefsson.org writes:
Btw, I plan to use my OpenPGP authentication key (i.e., not the signature key) from my Gnuk hardware dongle, exported via GnuPG's SSH agent, for use by sigsum-submit --signing-key to create *.proof. Does anyone see a problem with this? I don't know how to make my OpenPGP signature key from the Gnuk available via the SSH agent easily, has anyone done that? I haven't thought through the flow here. The threat I'm worried about is if some remote SSH server abuses my setup to make me sign some blob that may later be submitted to the Sigsum transparency log as a release signature? Is there sufficient domain context separation happening here? It doesn't feel intuitively safe.
To answer domain separation: I think there's domain separation between sigsum leaf signatures and signatures involved in *proper* ssh public key user authentication. But the ssh-agent protocol lets the client sign arbitrary data, so if you expose the signing key via ssh-agent (and it sounds like you also do agent forwarding?) to an attacker, the attacker could sign and sigsum log anything on your behalf.
For that reason, it would be preferable to use separate keys for signing, and not expose that key via ssh-agent forwarding to remote machines.
The only good thing is that by monitoring the relevant sigsum logs, you can still discover such key misuse.
BTW, how do you get the auxiliary .proof files onto the GNU ftp servers? I've only used the ftp-upload machinery with triplets foo, foo.sig, foo.directive.asc, and additional signature-like files don't quite fit there? Do you upload an additional triplet foo.proof, foo.proof.sig, foo.proof.directive.asc, and then ignore (or delete) the foo.proof.sig file, or is there some easier way?
Regards, /Niels
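
The domain separation discussed above, as an added example that is not part of the original message or of Sigsum's code: it parses the bytes a signing agent is asked to sign and tells an SSH public-key login request (RFC 4252 layout) apart from an SSHSIG blob of the kind used for file-style signatures. The function `auth_key_may_sign` is a hypothetical policy, the leaf namespace string is an assumption, and both sample blobs are constructed.

```python
import hashlib
import struct

def ssh_string(b):
    return struct.pack(">I", len(b)) + b

def read_strings(buf, off, count):
    """Read `count` length-prefixed SSH strings starting at `off`."""
    out = []
    for _ in range(count):
        if off + 4 > len(buf):
            raise ValueError("truncated")
        (n,) = struct.unpack_from(">I", buf, off)
        off += 4
        if off + n > len(buf):
            raise ValueError("truncated")
        out.append(buf[off:off + n])
        off += n
    return out, off

def classify(blob):
    """Classify the data an agent is asked to sign: (kind, detail)."""
    try:
        if blob[:6] == b"SSHSIG":  # PROTOCOL.sshsig signed-data preamble
            (ns, _resv, _alg, _digest), off = read_strings(blob, 6, 4)
            return ("sshsig", ns.decode()) if off == len(blob) else ("unknown", None)
        (_session_id,), off = read_strings(blob, 0, 1)
        if blob[off:off + 1] != bytes([50]):  # SSH_MSG_USERAUTH_REQUEST
            return ("unknown", None)
        (user, _service, method), off = read_strings(blob, off + 1, 3)
        if method != b"publickey" or blob[off:off + 1] != b"\x01":
            return ("unknown", None)
        _, off = read_strings(blob, off + 1, 2)  # key algorithm, key blob
        return ("userauth", user.decode()) if off == len(blob) else ("unknown", None)
    except ValueError:  # truncated field or undecodable name
        return ("unknown", None)

def auth_key_may_sign(blob):
    """Hypothetical policy for an authentication-only key: login requests only."""
    return classify(blob)[0] == "userauth"

# Constructed samples (not captured traffic).
LEAF_NS = b"sigsum.org/v1/tree-leaf"  # assumed Sigsum leaf namespace
digest = hashlib.sha256(b"constructed release checksum").digest()
SSHSIG_BLOB = (b"SSHSIG" + ssh_string(LEAF_NS) + ssh_string(b"")
               + ssh_string(b"sha256") + ssh_string(digest))
USERAUTH_BLOB = (ssh_string(b"\x11" * 32) + bytes([50]) + ssh_string(b"alice")
                 + ssh_string(b"ssh-connection") + ssh_string(b"publickey") + b"\x01"
                 + ssh_string(b"ssh-ed25519") + ssh_string(b"\x22" * 51))
```

The two formats cannot be confused with each other, but that only helps if whatever holds the key checks which one it is being handed before signing.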