[Nix-dev] [yui at cock.li: Re: Malicious installation methods]

Yui Hirasawa yui at cock.li
Fri Jun 17 16:33:23 CEST 2016


>> HTTPS is not a verified channel. Our current CA system is really
>> fragile
>
> It is, but it works a lot better than the PGP web of trust in that it
> doesn't require people to get together to engage in quaint key signing
> rituals.

PGP has a web of trust, but in our CA system anyone with a trusted
intermediate can impersonate anyone they want, and no one would notice
unless they manually go and check who has signed the server cert.
Unfortunately we don't have anything that would work better than key
signing rituals, and the CA system we have is objectively worse in every
way except in that the keys are already trusted and the user doesn't even
have to know they are there, and even this can be seen as a negative
thing for security.

> Signing the installer script would provide only a minor increase in
> security (in that it would require the signing key to be compromised,
> rather than the nixos.org certificate). I don't object to doing that
> though.

That is quite a major increase in security actually. Compromising a key
that can be kept offline most of the time is a lot harder than obtaining
a signed certificate for the nixos.org domain. You do not have to have
the original nixos.org certificate to perform a man-in-the-middle attack.
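As an added illustration of the signed-installer scheme discussed above (not code from the thread or from the Nix project), a POSIX sh wrapper that replaces `curl | sh` with download, verify against a pinned keyring and optional pinned fingerprint, then execute; the URLs, keyring path and fingerprint are hypothetical placeholders the caller supplies.

```shell
#!/bin/sh
# Added example: fetch an installer script plus its detached signature and
# run it only after the signature verifies against a keyring we ship with
# the tool, not the user's default keyring. Fails closed on any error.
set -eu

# fetch_installer URL DEST: download one file, failing on HTTP errors.
fetch_installer() {
    curl -fsSL "$1" -o "$2"
}

# verify_and_run KEYRING SCRIPT SIG [FINGERPRINT]
# Returns 0 and executes SCRIPT only if SIG is a valid signature over SCRIPT
# made by a key in KEYRING (and, if given, by the key with FINGERPRINT).
# Missing gpg, missing files or a bad signature return 1 without executing.
verify_and_run() {
    keyring=$1; script=$2; sig=$3; fpr=${4:-}
    [ -s "$script" ] && [ -s "$sig" ] || return 1
    command -v gpg >/dev/null 2>&1 || return 1
    # --no-default-keyring/--keyring pin trust to the shipped release key, so a
    # signer that merely exists in the user's keyring cannot validate.
    # --status-fd 1 emits machine-readable "[GNUPG:] VALIDSIG <fpr> ..." lines,
    # which is more robust than parsing human-readable output.
    gpg --no-default-keyring --keyring "$keyring" --status-fd 1 \
        --verify "$sig" "$script" 2>/dev/null \
        | grep -q "^\[GNUPG:\] VALIDSIG ${fpr}" || return 1
    sh "$script"
}

# Usage: sh verify-installer.sh SCRIPT_URL SIG_URL KEYRING [FINGERPRINT]
if [ $# -ge 3 ]; then
    tmp=$(mktemp -d)
    fetch_installer "$1" "$tmp/install.sh"
    fetch_installer "$2" "$tmp/install.sh.sig"
    verify_and_run "$3" "$tmp/install.sh" "$tmp/install.sh.sig" "${4:-}"
fi
```

Because the keyring is pinned, a man-in-the-middle who can obtain a certificate for the download host can only serve a script that fails verification, not one that runs.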
