Please check the status of this specification in Launchpad before editing it. If it is Approved, contact the Assignee or another knowledgeable person before making changes.

Summary

Simple and cryptographically secure process for validating ISO downloads.

Rationale

The current methods are fundamentally flawed. People have the Hobson's choice of getting md5 sums from either non-secure mirrors, such as ftp://mirror.d-jacobs.com/ubuntu/edgy/MD5SUMS, or a secure Ubuntu page that can be freely modified (UbuntuHashes). Once they have the hash and the ISO, they can verify it, but probably won't. This is because most users don't know how, and fail to understand how critical it could be. Our documentation, now at HowToMD5SUM, only provides a thorough graphical option for one operating system.

Use cases

Scope

ISO files for Ubuntu distributions.

Design

  1. Secure The solution should rely on strong algorithms, and not have major structural weaknesses that render the cryptography irrelevant.
  2. Simple It should be simple enough (or at least there should be a simple option) that inexperienced users will still use it.
  3. Open All software should be libre/open source and the design should not rely on security through obscurity.

Implementation

Code

Python includes a hashlib module which makes checking hashes easily. Additionally, it is a piece of cake to grab a file from a website. The hash could be stored on www.ubuntu.com which has more strict editing controls than any of the other websites, or it could be stored on launchpad.net.

Python's "freeze" (for Linux) and "py2exe" (for Windows) are capable of creating a binary executable that can be downloaded from a central location and used to:

  1. simply validate the iso file, or
  2. assist with the iso download, possibly using the "chunked" download method that allows files to be resumed if the connection is interrupted, or

  3. same as previous, but the iso file could be distributed in sections of aprox 65MB (edgy-i386.iso.01 - 10), each having a hash and if a segment is corrupted, only that portion of the file is re-downloaded.

I suggest starting with option #1 and adding additional features if the program warrants it.

The problem is that there is no easy way to use the gpg signatures (that I know of) in python. Maybe if we stored the hash on an SSL based server and checked the ssl key signature we could get the same level of assurance as reading the gpg signature of the hash list.

The program should definitely be GUI, but a simple gui using tk would work and it would likely be very compatible with freeze/py2exe.

Data preservation and migration

Unresolved issues

BoF agenda and discussion


CategorySpec

ISOVerification (last edited 2008-08-06 16:34:39 by localhost)