The Linux Kernel's PGP Web of Trust

Original link: https://blog.kleine-koenig.org/ukl/the-linux-kernels-pgp-web-of-trust.html

The Linux kernel relies on PGP for its security guarantees: subsystem maintainers use signed tags in their pull requests. Konstantin Ryabitsev maintains a git repository of trusted keys, based on trust paths from Linus Torvalds' key. However, GnuPG's rejection of SHA-1 signatures creates a problem, because that repository contains many SHA-1 signatures. A recent update removed the SHA-1 signatures from Theodore Ts'o's key, affecting trust paths. Removing all SHA-1 signatures would severely affect the "web of trust", leaving 485 keys without a valid trust path from Linus Torvalds, among them those of well-known kernel developers such as Andrew Morton and Greg Kroah-Hartman. This would greatly shrink the "strong set" of trusted keys. A keysigning session will be held at the Embedded Recipes 2025 conference to mitigate this. Participants can submit their public keys to [email protected] before 12 May 2025, 08:00 UTC.

This Hacker News thread is about the Linux kernel's PGP web of trust. The original article focuses on the use of PGP for code signing in the Linux kernel development process. One commenter recalled the transition from BitKeeper to Git, and how the differences between BitKeeper and CVS led to the adoption of Git and of signed commits. Another user argued for PKI (public key infrastructure) instead of PGP, citing PGP's usability problems and security pitfalls. They consider PKI more robust, easier to use and better supported because of its commercial adoption, and stress how hard it is for users to obtain and verify keys. Another commenter pointed out the SHA1 deprecation issues in GPG and Git. They suggested that distributions provide CA certificates for signing packages, which would improve supply chain security and user trust, similar to how Windows, macOS, Android and iOS handle authentication of third-party software. The thread also noted problems for non-native English speakers.

Original article
Published: Thu 08 May 2025
Updated: Thu 08 May 2025

In Kernel.

tags: OpenPGP

The Linux kernel's development process makes use of PGP. The most relevant part here is that subsystem maintainers are supposed to use signed tags in their pull requests to Linus Torvalds. As the concept of keyservers is considered broken, Konstantin Ryabitsev maintains a collection of relevant keys in a git repository.

As of today (at commit a0bc65fb27f5033beddf9d1ad97d67c353849be2) there are 602 valid keys tracked in that repository. The requirement for a key to be added there is that there must be at least one trust path from Linus Torvalds' key to this key of length at most 5 within that keyring.

Occasionally it happens that a key loses its trust paths because someone in these paths replaced their key, or keys expired. Currently this affects 2 keys.

However, there is a problem on the horizon: GnuPG 2.4.x started to reject third-party key signatures using the SHA-1 hash algorithm. In general that's good: SHA-1 hasn't been considered secure for more than 20 years. This doesn't directly affect the kernel-pgpkeys repo, because the trust path checking doesn't rely on GnuPG trusting the signatures; there is a dedicated tool that parses the keyring contents and currently accepts signatures using SHA-1. Also, signatures are usually not thrown away, but there are exceptions: recently Theodore Ts'o asked to update his certificate. When Konstantin imported the updated certificate, GnuPG's "cleaning" was applied, which dropped all SHA-1 signatures. So Theodore Ts'o's key lost 168 signatures, among them one by Linus Torvalds on his primary UID.
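To show what a check on the raw keyring looks like, here is an added example that is not the author's tool and not kernel.org's code: a minimal OpenPGP packet walker in Python that reads the header of every version 4 signature packet (RFC 4880 layout), reports its hash algorithm, and counts the SHA-1 certifications that a web of trust would lose. The keyring bytes are constructed inline with placeholder key material and signature MPIs, so the script runs offline; `encode_packet` and `fake_v4_signature` exist only to build that sample.

```python
import struct

# Hash algorithm IDs from RFC 4880 section 9.4.
HASH_ALGOS = {1: "MD5", 2: "SHA1", 3: "RIPEMD160", 8: "SHA256",
              9: "SHA384", 10: "SHA512", 11: "SHA224"}
# Signature types (RFC 4880 section 5.2.1) that certify a User ID, i.e. the
# third-party key signatures a web of trust is built from.
CERTIFICATION_TYPES = {0x10, 0x11, 0x12, 0x13}


def encode_packet(tag, body):
    """New-format packet header (RFC 4880 4.2.2); used only to build sample data."""
    n = len(body)
    if n < 192:
        length = bytes([n])
    elif n < 8384:
        length = bytes([((n - 192) >> 8) + 192, (n - 192) & 0xFF])
    else:
        length = b"\xff" + struct.pack(">I", n)
    return bytes([0xC0 | tag]) + length + body


def fake_v4_signature(sig_type, hash_algo):
    """Placeholder v4 signature body: version, type, pubkey algo (1 = RSA),
    hash algo, empty hashed/unhashed subpacket areas, 2-byte hash prefix and
    a 1-byte MPI. Not a real signature; only the header fields matter here."""
    return (bytes([4, sig_type, 1, hash_algo]) + b"\x00\x00" + b"\x00\x00"
            + b"\xab\xcd" + b"\x00\x08\x42")


# Constructed keyring: an old-format public key packet (tag 6, one-octet
# length) with placeholder key material, one User ID, two certifications on
# it and one subkey-binding signature.
SAMPLE_KEYRING = (
    bytes([0x98, 9]) + b"\x04" + b"\x00" * 4 + b"\x01" + b"\x00\x08\x03"
    + encode_packet(13, b"Alice Example <alice@example.invalid>")
    + encode_packet(2, fake_v4_signature(0x13, 2))   # positive cert, SHA-1
    + encode_packet(2, fake_v4_signature(0x10, 8))   # generic cert, SHA-256
    + encode_packet(2, fake_v4_signature(0x18, 2))   # subkey binding, SHA-1
)


def iter_packets(data):
    """Yield (tag, body) for each packet, handling old- and new-format
    headers. Partial-body and indeterminate lengths are rejected."""
    pos = 0
    while pos < len(data):
        ctb = data[pos]
        pos += 1
        if not ctb & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if ctb & 0x40:                      # new format
            tag = ctb & 0x3F
            first = data[pos]
            pos += 1
            if first < 192:
                length = first
            elif first < 224:
                length = ((first - 192) << 8) + data[pos] + 192
                pos += 1
            elif first == 255:
                length = struct.unpack(">I", data[pos:pos + 4])[0]
                pos += 4
            else:
                raise ValueError("partial body lengths not supported")
        else:                               # old format
            tag = (ctb >> 2) & 0x0F
            ltype = ctb & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not supported")
            size = (1, 2, 4)[ltype]
            length = int.from_bytes(data[pos:pos + size], "big")
            pos += size
        yield tag, data[pos:pos + length]
        pos += length


def signature_hash_algos(keyring):
    """Type and hash algorithm of every v4 signature packet in the keyring."""
    found = []
    for tag, body in iter_packets(keyring):
        if tag != 2 or len(body) < 4 or body[0] != 4:
            continue
        sig_type, hash_id = body[1], body[3]
        found.append({"sig_type": sig_type,
                      "certification": sig_type in CERTIFICATION_TYPES,
                      "hash": HASH_ALGOS.get(hash_id, f"unknown({hash_id})"),
                      "sha1": hash_id == 2})
    return found


def count_sha1_certifications(keyring):
    """Number of User ID certifications that GnuPG 2.4's cleaning would drop."""
    return sum(1 for s in signature_hash_algos(keyring)
               if s["certification"] and s["sha1"])


if __name__ == "__main__":
    for sig in signature_hash_algos(SAMPLE_KEYRING):
        print(sig)
    print("SHA-1 certifications:", count_sha1_certifications(SAMPLE_KEYRING))
```

Run against a real keyring export (`gpg --export` output, not ASCII-armored), the same walker would tell you how many certifications on a key are at risk before importing it into a GnuPG that cleans them; the subkey-binding signature in the sample is counted as SHA-1 but not as a certification, since it does not contribute a trust path.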

That made me wonder what would be the effect on the web of trust if all SHA-1 signatures were dropped. Here are the facts:

  • There are 7976 signatures tracked in the korg-pgpkeys repo that are considered valid, 6045 of them use SHA-1.

  • Considering only the primary UID, Linus Torvalds directly signed 40 public keys, 38 of them using SHA-1. One of the two keys that is still "properly" signed doesn't sign any other key. So nearly all trust paths go through a single key.

  • When not considering SHA-1 signatures there are 485 public keys without a trust path from Linus Torvalds of length 5 or less. So today these 485 public keys would not qualify to be added to the pgpkeys git repository. Among the people being dropped are Andrew Morton, Greg Kroah-Hartman, H. Peter Anvin, Ingo Molnar, Junio C Hamano, Konstantin Ryabitsev, Peter Zijlstra, Stephen Rothwell and Thomas Gleixner.

  • The size of the kernel strong set is reduced from 358 to 94.
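As an added example that is not part of the original post, the Python below models a keyring as a directed graph of third-party signatures and carries out the kind of analysis behind the numbers above: which keys have a trust path of length at most 5 from a root key, with and without SHA-1 signatures, and how the strong set changes. The strong set is taken here as the largest set of keys that all reach each other through signatures (the usual PGP meaning; the post itself doesn't define it, so that is an assumption). The keyring, the names in it and the hash algorithms are constructed sample data, not the kernel keyring.

```python
from collections import deque

# Constructed keyring model (not real kernel data): one entry per valid
# third-party certification, as (signer, signed key, hash algorithm).
SIGNATURES = [
    ("root", "alice", "SHA1"), ("root", "bob", "SHA1"),
    ("root", "carol", "SHA256"), ("root", "dave", "SHA256"),
    ("alice", "root", "SHA1"), ("alice", "bob", "SHA1"), ("alice", "erin", "SHA1"),
    ("erin", "alice", "SHA1"),
    ("bob", "root", "SHA256"), ("bob", "frank", "SHA256"), ("bob", "grace", "SHA1"),
    ("frank", "bob", "SHA256"), ("frank", "heidi", "SHA256"),
    ("heidi", "frank", "SHA256"), ("heidi", "ivan", "SHA256"),
    ("grace", "bob", "SHA1"),
    ("carol", "root", "SHA256"), ("carol", "grace", "SHA256"),
    ("ivan", "judy", "SHA256"), ("judy", "karl", "SHA256"),
]


def build_graph(signatures, drop_algos=frozenset()):
    """Directed graph signer -> {signed keys}, omitting signatures whose hash
    algorithm is in drop_algos. Every key stays a node even if all of its
    signatures are dropped."""
    graph = {}
    for signer, signed, algo in signatures:
        graph.setdefault(signer, set())
        graph.setdefault(signed, set())
        if algo not in drop_algos:
            graph[signer].add(signed)
    return graph


def trust_distances(graph, root, max_len=5):
    """Breadth-first search from root: {key: shortest trust path length}
    for every key reachable in at most max_len signatures."""
    dist = {root: 0}
    queue = deque([root])
    while queue:
        key = queue.popleft()
        if dist[key] == max_len:
            continue                      # don't extend paths beyond the limit
        for nxt in graph[key]:
            if nxt not in dist:
                dist[nxt] = dist[key] + 1
                queue.append(nxt)
    return dist


def qualifying_keys(graph, root, max_len=5):
    """Keys that meet the repository rule: a trust path from root of length <= max_len."""
    return {k for k in trust_distances(graph, root, max_len) if k != root}


def reachable(graph, start):
    """All keys reachable from start with no length limit (start included)."""
    seen = {start}
    queue = deque([start])
    while queue:
        key = queue.popleft()
        for nxt in graph[key]:
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def strong_set(graph):
    """Largest set of keys that are all mutually reachable (largest strongly
    connected component). Quadratic, which is fine for a few hundred keys."""
    reach = {k: reachable(graph, k) for k in graph}
    best = set()
    for key in graph:
        component = {o for o in graph if o in reach[key] and key in reach[o]}
        if len(component) > len(best):
            best = component
    return best


def compare(signatures, root="root", drop_algos=frozenset({"SHA1"})):
    """Effect of dropping the given hash algorithms on trust paths and strong set."""
    full = build_graph(signatures)
    pruned = build_graph(signatures, drop_algos)
    before = qualifying_keys(full, root)
    after = qualifying_keys(pruned, root)
    return {
        "qualifying_before": len(before),
        "qualifying_after": len(after),
        "dropped": sorted(before - after),
        "strong_set_before": len(strong_set(full)),
        "strong_set_after": len(strong_set(pruned)),
    }


if __name__ == "__main__":
    for name, value in compare(SIGNATURES).items():
        print(f"{name}: {value}")
```

In this sample the root key signed most of its neighbours with SHA-1, so pruning those signatures cuts the qualifying keys from 10 to 3 and shrinks the strong set from 8 to 3; note that the remaining strong set no longer contains the root key at all, because the only signatures pointing back at it now come from keys it can no longer reach. Feeding the real keyring into `SIGNATURES` (signer, signed, algorithm per certification) reproduces the post's analysis.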

If you attend Embedded Recipes 2025 next week, there is an opportunity to improve the situation: Together with Ahmad Fatoum I'm organizing a keysigning session. If you want to participate, send your public key to [email protected] before 2025-05-12 08:00 UTC.
