00:00 <raggi> in a way that protects against a plethora of attacks that just signing or just encrypting something (which is all pgp or x509 are good for) doesn't even start to approach

00:00 <raggi> and saying "debian uses gpg and it's fine" is not a good answer, debian mirrors are subject to a number of attacks described in the tuf paper(s)

00:01 <raggi> and if you want some association authority, you can lookup why docker inc. chose tuf for docker, as they did a decent write up, and you can lookup why the tor folks wrote tuf in the first place

00:02 <raggi> switching out the current signing mechanism for gpg would make absolutely no difference for package assurance

00:05 <raggi> re. the comment on nist, in case there's further paranioa coming, the reason i say that might be a better choice is not because i ahve some implied trust in nist, or have some association somewhere, it's because nists choices, regardless of potential state influence, are not entirely insane, and can be (and more importantly ARE) trusted by third party users without each and every user trying to gain

00:05 <raggi> domain expertise

00:05 <raggi> that rears it's head most directly if someone is trying to pass audits

00:06 <raggi> if your goal is for RG to pass audits, either pick something that is likely to stand strong on it's own merit, but would require some auditor effort (e.g. tuf), or pick something standard, that an auditor can bless (e.g. stuff nist recommends), and in this cae, you can do both.

00:14 <zaolin> raggi: I don't think gpg is shitty and it supports modern crypto! But yeah maybe TUF is a good or bad idea. We will see..

00:19 <raggi> it does, what modern crypto does it support?

00:36 <zaolin> raggi: Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256 Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224

00:47 <zaolin> raggi: For me thats enough ;) I don't say TUF is bad. As I stated above I said "But anyway good to hear that someone tried to improve the situation."

00:49 <zaolin> I just fear that using x509v3 certificates are more the business case and running an own PKI is not easy. Good that they addressed more issues with package managers. I hope the projects will integrate it.

00:50 <zaolin> But we will see if its get accepted by end users and developers :)