Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Qubes Master Signing Key to dom0 #2544

Open
andrewdavidwong opened this issue Dec 28, 2016 · 5 comments

Comments

@andrewdavidwong
Copy link
Member

commented Dec 28, 2016

As John David R. Smith suggested, the Qubes Master Signing Key should be included in dom0, to mitigate the risk of an MITM attack replacing the key. This would also provide users with an additional means of confirming that their copy of the key is genuine. (As a corollary, it's yet another place that an attacker would have to attempt to replace the key with a forgery in order to deceive users.)

I recall someone suggesting this a long time ago, and I (think I) also recall @marmarek doing it, but I can't find the original thread or issue, and I don't see the key in /etc/pki/rpm-gpg/.

@rustybird

This comment has been minimized.

Copy link

commented Dec 28, 2016

I recall someone suggesting this a long time ago, and I (think I) also recall @marmarek doing it, but I can't find the original thread or issue, and I don't see the key in /etc/pki/rpm-gpg/.

qubes-core-vm provides /usr/share/qubes/qubes-master-key.asc in VMs, but providing it in dom0 too would help people who have their DVD writer attached to the same controller as their hard disk. They could burn a verified Qubes (and only Qubes) ISO in dom0 without breaking the security model.

@tasket

This comment has been minimized.

Copy link

commented Oct 24, 2017

This would be really nice to have in R3.2 about now. It makes the key verification a bit more secure, and helps users by removing several steps from the process. Even better if the R4.0 signing key is also included.

I think it makes sense to include the signing key for the next iteration in the current OS.

@andrewdavidwong

This comment has been minimized.

Copy link
Member Author

commented Apr 1, 2019

This issue is being closed because:

If anyone believes that this issue should be reopened, please let us know in a comment here.

@woju

This comment has been minimized.

Copy link
Member

commented Apr 1, 2019

@andrewdavidwong This doesn't seem related to a particular release.

@marmarek marmarek reopened this Apr 1, 2019

andrewdavidwong added a commit to QubesOS/qubes-doc that referenced this issue Aug 18, 2019
@andrewdavidwong

This comment has been minimized.

Copy link
Member Author

commented Aug 18, 2019

Documented in Verifying Signatures. Related issue: #4292.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
5 participants
You can’t perform that action at this time.