[Haskell-cafe] SSL support for hackage and cabal

Vincent Hanquez tab at snarc.org
Mon Nov 4 07:13:30 UTC 2013


On 2013-11-04 14:37, Carter Schonwald wrote:
> broadly speaking, believing that a communication is secure/valid 
> changes the behavior of communicating participants vs if communication 
> is not secure. this is how most social engineering security issues 
> come to pass.
>
> for matters of security, being conservative about possible risks is a 
> responsible strategy.
>
I agree.

But security is not a boolean value. People using openssl shouldn't 
necessarily think they have nothing to worry about
because "it's the most widely used SSL implementation" or because "it's 
widely audited".

So it's rather a good idea to be conservative beyond just your choice of 
implementation, and always look at the social side and
the wide context (what I'm protecting against, and what are the risks).

For all you know, the <insert bad guy> could already be in possession of 
the RSA key of the server you're communicating with,
rendering which implementation you're using moot.

In the context of hackage, this is why I think it's important to also 
get package signing (multi-layered security).
SSL/TLS is just one facet of the problem.

> That said, if some folks comfortable with security and the like could 
> do some white hat auditing/hammering on hs-tls, I think that would be 
> the *ideal* way to help get buy in to that proposed approach. (not 
> sure if such volunteers exist, but that would be the ideal scenario). 
> I could ask 1-2 folks I know if they have any suggestions.
>
I would be extremely happy to see more of this happening.

In the near future, and related to my haskell crypto platform (HCP) effort,
I want to add notes/comments/warnings to places where some constructions
are probably not ideal, until I get time to actually fix them.

I'm hoping that could help with where to look for issues first.

-- 
Vincent

