X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; q=dns; s= default; b=ITU/9JdQOwLWF2/z5SqUZyt1qBgR3UXez/4y+smjayACoLyydHNzb 2bHQmhUUk6iAcg4SJMgzbRrzmS8xJtqh4//F2o6FGY5uBBGdoZrxfq5/Fz84/bTf 7CLaQ0LPaDK5rFc/HzX81/cYAN4rAjg52V62IwImZg7lSdJldfxCDk= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; s=default; bh=iIthtFy9LradoUepD/cS7jggDh4=; b=YTHmtiy5gM9r4FlZSiDyONMEFOYU 1+nigr+igIcModjMJPtyjoQGoFlb8Yqza6tVScVIHk1thw6RZeFusZei66Qswhz+ xggjw4JZ+77Wz9QgLjKJiZDuaDxw/mbUx3FGPr1sKd3iVs8Xtl/Ojg2KcqC9Gnsq 7wreIAgmegSbFYw= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-5.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.3.2 X-HELO: calimero.vinschen.de Date: Wed, 1 Apr 2015 10:30:14 +0200 From: Corinna Vinschen To: cygwin AT cygwin DOT com Subject: Re: [PATCH] Add FAQ entry on how Cygwin counters man-in-the-middle (MITM) attacks Message-ID: <20150401083014.GC493@calimero.vinschen.de> Reply-To: cygwin AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="LwW0XdcUbUexiWVK" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) --LwW0XdcUbUexiWVK Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mar 31 14:08, David A. Wheeler wrote: > Signed-off-by: David A. Wheeler > --- > winsup/doc/faq-setup.xml | 129 +++++++++++++++++++++++++++++++++++++++++= +++++- > 1 file changed, 128 insertions(+), 1 deletion(-) Ok, it's review time. First things first, a patch should come with a plain text ChangeLog entry. See the ChangeLog file in winsup/doc for examples. Don't add the ChangeLog entry to the diffs, just add it verbatim to the mail. > diff --git a/winsup/doc/faq-setup.xml b/winsup/doc/faq-setup.xml > index 614d4a9..3764214 100644 > --- a/winsup/doc/faq-setup.xml > +++ b/winsup/doc/faq-setup.xml > @@ -156,6 +156,128 @@ and that installing the older version will not help= improve Cygwin. > > >=20=20 > + > +How does Cygwin counter man-in-the-middle (MITM) attacks= during installation and upgrade? > + The title is too specific, IMHO. What about something along the lines of "How Cygwin secures the installation process"? > + > +A man-in-the-middle (MITM) attack occurs when an attacker secretly relay= s and > +possibly alters the communication between two parties > +who believe they are directly communicating with each other. > +Here is how Cygwin counters man-in-the-middle (MITM) attacks > +during installation and update (including enough details so > +technical people can confirm it): > + I would drop this para. Just refer to=20 https://en.wikipedia.org/wiki/Man-in-the-middle_attack at some convenient point in the following para. > +[...] > + > +Up through 2015 Cygwin used the MD5 algorithm for cryptographic hashes. > +Cygwin used both MD5 and length checks, which makes some attacks harder > +than if Cygwin used only MD5, > +but MD5 is no longer considered a secure cryptographic hash algorithm. > +The 2015-02-06 update of the setup program > +added support for the SHA-512 cryptographic hash algorithm for > +sigining the setup.ini package list, as described in > +. > +The announcement also noted that there will be a switch to SHA-512 > +checksums in the setup.ini files. > +There are no known practical exploits of SHA-512 (SHA-512 is part of the > +widely-used SHA-2 suite of cryptographic hashes). > + > + We already switched to sha512, so you can skip the entire MD5 consideration. Just describe the sha512 checking. All in all the text looks good to me. You're not interested to improve other parts of the documentation as well, by any chance? :) Thanks, Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --LwW0XdcUbUexiWVK Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBAgAGBQJVG6yWAAoJEPU2Bp2uRE+gYX8P/3q8g5VcS7iv9ysbhelSAe+E AG9wYCZHI89u/vnHW5d0jXDUQ6YiDjafF32o56u/AJVVenAXzChCFt0h9R3eId7R UkueddJ7K9p6dtGml4U+MOfJplfT239WiJYZjYo9AY7ppmQdlXZsWGIQOoSYI8WJ gExsMlh63OKcTYdomwjohLvaCeoBbyN9brBEHRBUftiIdR2Cr4fK93SHx/i7bC0C E8BNucE+W1tzyKzqUFspOTxuWJfM0EuEd5betLSyElohtgjc/oX2+Co/cKTycRar Qnwtb5m5zdTN7vfR5ZLONtErEXr+OB1+rHlCVP/i7guFu6vdZ1x5CAebSkZTQRsG XB6QpGIDSR1JzBdb3l2XvsRHoI2NNVEP23+Cxlui98jDeSs9grYJ4xmno2ECclOI arCSbQ0fKsP2w7KRr4m0hoj3qPVz0zWYod/Tq8unhwV+R9rzm15kR2C/Chx14O/b wo3hgrmMgwHdgmOyH58tolGmjkSATodSb+Ux6/a1zRfyR3Dhp/voB4gyIeUBJgHN IGH1zhkiqucVO1oEVtcFC+4kkCpHx6yrlFxYD3RTUEyTCYuRZGkxJ/Z2FiPpLW+w /Zi9X+8E2qp42MCm6HG3jfWTE1lbVbMtjKf/IA7Xqdn597D7JZDvnJMUaKbH+QVu ZvCloUAOaFLZs/IpkIo3 =4XG2 -----END PGP SIGNATURE----- --LwW0XdcUbUexiWVK--