Use TUF metadata formats for signing index commits #7
Conversation
Changes the file formats for withoutboats' proposed `verified_registry_commits` feature for signing Cargo indexes to use formats and concepts from The Update Framework.
|
Thanks very much, Tony! 👍 I would strongly recommend leaving the In any case, this is a great start :) |
Then how is it better? Given that almost all of these changes are superficial and inconsequential for security, this is why I am honestly very suspicious of all the TUF advocacy I have experienced: I am inclined to believe that this is about a win for TUF rather than improving the security of our infrastructure. |
The full benefits would come after the Beyond that though, TUF is well-specified and has detailed descriptions of e.g. its verification workflows, for example: |
| - **`timestamp` and `root` roles combined**: this RFC describes a setup where | ||
| in practice all `root` keys would also be authorized as `timestamp` keys, | ||
| which allows us to enforce the property that all commits are signed by the | ||
| `timestamp` role. There is no security advantage to separating them (at least |
There was a problem hiding this comment.
If the timestamp key is used to ensure "transparency" (i.e., to prevent the creation of 2 separate commit chains), then we have to require an "old timestamp" signature on all commits.
There was a problem hiding this comment.
In general preventing duplicity in systems like this is difficult (see similar concerns regarding CT logs, auditors, gossip protocols, etc).
That said, I don't follow what you're saying. A signature over a git commit covers the current tree in addition to the parent OID, which is the SHA-1 digest of the previous commit's tree, parent, and the full OpenPGP signature over that commit (provided it's there), i.e. each commit signature is over the entire repository history including the signature on the previous commit.
There was a problem hiding this comment.
The idea is to have the timestamp key is stored in a manner that makes it hard for an attacker to create unlogged signatures (I think Amazon offers an HSM module that does that). If we can find such a service, it would be worth to put the timestamp key in it.
In that case, we don't want a compromised root key to bypass the "anti-duplicity" feature of the timestamp key.
There was a problem hiding this comment.
Using cloud HSM or KMS services on any of the major cloud vendors (e.g. AWS, GCP, Azure) would likely require using a different signature algorithm than Ed25519, e.g. ECDSA over P-256. ECDSA has wide support among cloud KMS services, HSMs, and PIV devices such as YubiKey 4s.
That said, there are several hardware options for Ed25519 key storage. YubiHSM2s support Ed25519, as do a number of cryptocurrency hardware wallets (e.g. Ledger), although whether that's a practical deployment option for something like @bors seems questionable.
There was a problem hiding this comment.
In that case, why not allow for verification with that signature algorithm? It feels like something we can set up basically today.
It seems likely that a threshold of the root keys will not have a strong audit mechanism, and setting up separate "root", "root+audit", and "timestamp+audit" keys feels like a PITA.
There was a problem hiding this comment.
I think ECDSA support is worth considering. FWIW I support it in Signatory.
|
I suppose the verification rules here are as following:
I could write them in pseudo- code. |
|
Thank you very much for this RFC. It was submitted four years before I was in a place to understand it. But reading it over today, with my unusual collection of knowledge and knowledge gaps, it was the most effective explanation of TUF I have ever found. Thank you. There is a long road to get to adopting a solution like this. Nonetheless, I am completely convinced that a solution like this is the direction we should be heading. (Modulo a large number of details that need to be negotiated.) I am generally in favor of incremental solutions. Sparse indexes took us three years and counting, and was a step back on the ability to sign snapshots. There is an issue to re-add snapshot like abilities to sparse indexes rust-lang/cargo#10928 Do you have resources I could read about how TUF snapshots work, or would be willing to write up an explanation? Whatever solution we come up with should be informed by the careful thought put into TUFs design. |
Rendered
This PR adapts rust-lang#2474 to use file schemas (serialized as TOML) and role names from The Update Framework (TUF):
root.tomlcan-rotateprivilege => TUFrootrolecan-commitprivilege => TUFtimestamproleIt should be a fairly close to a 1:1 mapping of TUF concepts to the original approach, and otherwise continues to use OpenPGP public keys, fingerprints, and signatures on git commits. The main differences are:
root.toml) has a different schemaroot.tomlis checked into the repository as opposed to being stored in an annotated tag (tagged commits can be signed alagit tag -s)timestamp.jsonfile, bumping aversionnumber andexpiresdateroot-rotation-and the counter starts from 1 instead of 0 per the TUF specOther than that, it should pretty much be the same idea.
Omitted for now are TUF's
targetsrole andsnapshotroles. Thetargetsrole could provide end-to-end crate integrity, but is a much more substantial undertaking in hopes of keeping an initial index signing simple. The value of thesnapshotrole in a git-based system is debatable. It might be worth including for compatibility with existing TUF implementations (e.g. rust-tuf), but this PR omits it for now (if you feel strongly about including it, please leave a note and I can update the PR).