New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Buy SSL certs for keys.qubes-os.org and wiki.qubes-os.org #203

Closed
marmarek opened this Issue Mar 8, 2015 · 7 comments

Comments

Projects
None yet
2 participants
@marmarek
Member

marmarek commented Mar 8, 2015

Reported by joanna on 6 Apr 2011 14:11 UTC
None

Migrated-From: https://wiki.qubes-os.org/ticket/203

@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Mar 8, 2015

Member

Modified by joanna on 11 Apr 2011 12:18 UTC

Member

marmarek commented Mar 8, 2015

Modified by joanna on 11 Apr 2011 12:18 UTC

@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Mar 8, 2015

Member

Modified by joanna on 22 Jun 2011 10:52 UTC

Member

marmarek commented Mar 8, 2015

Modified by joanna on 22 Jun 2011 10:52 UTC

@marmarek marmarek removed this from the Release 1 Beta 2 milestone Mar 8, 2015

@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Mar 8, 2015

Member

Comment by joanna on 30 Aug 2012 12:30 UTC
After thinking about it, I decided against buying the cert, for the following reasons:

  1. As we still serve our ISOs from Amazon S3 systems (over which we have absolutely no control), the fact that we had an SSL cert for qubes-os.org would not change the fact that user would still need to verify signatures on the downloaded ISOs,

  2. The certificate could only make it more convenient to verify our signing key (for ISO verification), but I'm afraid that this would discourage users from verifying the keys using 3rd party sites, such as qubes-devel archives, etc. At the same time, putting a private SSL key on our webserver (and now trusting it for our key verification) is something I would like to avoid. So far we managed to avoid the need to put any trust into servers, and I like this to stay this way.

  3. Wiki is not security sensitive, users other than Qubes core developers cannot log in there anyway, and so there is little benefit of protecting it with SSL certs.

More discussion on this topic here:

https://groups.google.com/forum/?fromgroups=#!topic/qubes-devel/hSj9IED8Z9g

Member

marmarek commented Mar 8, 2015

Comment by joanna on 30 Aug 2012 12:30 UTC
After thinking about it, I decided against buying the cert, for the following reasons:

  1. As we still serve our ISOs from Amazon S3 systems (over which we have absolutely no control), the fact that we had an SSL cert for qubes-os.org would not change the fact that user would still need to verify signatures on the downloaded ISOs,

  2. The certificate could only make it more convenient to verify our signing key (for ISO verification), but I'm afraid that this would discourage users from verifying the keys using 3rd party sites, such as qubes-devel archives, etc. At the same time, putting a private SSL key on our webserver (and now trusting it for our key verification) is something I would like to avoid. So far we managed to avoid the need to put any trust into servers, and I like this to stay this way.

  3. Wiki is not security sensitive, users other than Qubes core developers cannot log in there anyway, and so there is little benefit of protecting it with SSL certs.

More discussion on this topic here:

https://groups.google.com/forum/?fromgroups=#!topic/qubes-devel/hSj9IED8Z9g

@marmarek marmarek added the wontfix label Mar 8, 2015

@marmarek marmarek closed this Mar 8, 2015

@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Mar 8, 2015

Member

Comment by joanna on 9 Apr 2014 09:31 UTC
As we're granting more people access to our wiki it might be beneficial to actually have a cert for the wiki signed by a well known CA. Mostly for aesthetic reasons, but still...

Also, we need to buy certs for our Windows tools installer, and those two things might be done in one step perhaps.

Member

marmarek commented Mar 8, 2015

Comment by joanna on 9 Apr 2014 09:31 UTC
As we're granting more people access to our wiki it might be beneficial to actually have a cert for the wiki signed by a well known CA. Mostly for aesthetic reasons, but still...

Also, we need to buy certs for our Windows tools installer, and those two things might be done in one step perhaps.

@marmarek marmarek added this to the Release 2 milestone Mar 8, 2015

@marmarek marmarek removed the wontfix label Mar 8, 2015

@marmarek marmarek reopened this Mar 8, 2015

@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Mar 8, 2015

Member

Comment by joanna on 16 Apr 2014 13:50 UTC
See also some discussions in this recent thread:

https://groups.google.com/d/msg/qubes-users/d9HtPr-E6aI/vLibCaM5D6kJ

Member

marmarek commented Mar 8, 2015

Comment by joanna on 16 Apr 2014 13:50 UTC
See also some discussions in this recent thread:

https://groups.google.com/d/msg/qubes-users/d9HtPr-E6aI/vLibCaM5D6kJ

@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Mar 8, 2015

Member

Modified by joanna on 16 Apr 2014 17:26 UTC

Member

marmarek commented Mar 8, 2015

Modified by joanna on 16 Apr 2014 17:26 UTC

@marmarek marmarek added P: major and removed P: minor labels Mar 8, 2015

@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Mar 8, 2015

Member

Modified by joanna on 2 Jul 2014 18:07 UTC

Member

marmarek commented Mar 8, 2015

Modified by joanna on 2 Jul 2014 18:07 UTC

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment