SSL support for hackage and cabal

Eli Frey

2 Nov 2013 2 Nov '13

3:25 p.m.

Hello all, It recently came to my attention that hackage is http only. I would love to do anything I can to help hackage support https. What is the process for volunteering with the IHG (I imagine this is the avenue for helping with hackage/haskell.org). If the IHG is having dificulty getting an SSL certificate, GlobalSign (ful disclosure, they are my employer) provides free certificates to FOSS projects. here is a link: https://www.globalsign.com/ssl/ssl-open-source/ I am also concerned that cabal does not have support for SSL, but hackage must come first and at least then a sufficiently paranoid person can download their packages over https and ad them to their cabal sandboxes. Cheers, Eli

Attachments:

attachment.html (text/html — 874 bytes)

Show replies by date

Scott Lawrence

2 Nov 2 Nov

3:30 p.m.

Hello, On the other side: cabal, at least, uses the HTTP package, and I've been (slowly) working on adding SSL support. On Sat, 2 Nov 2013, Eli Frey wrote:

...

Hello all,

It recently came to my attention that hackage is http only. I would love to do anything I can to help hackage support https. What is the process for volunteering with the IHG (I imagine this is the avenue for helping with hackage/haskell.org).

If the IHG is having dificulty getting an SSL certificate, GlobalSign (ful disclosure, they are my employer) provides free certificates to FOSS projects.

here is a link: https://www.globalsign.com/ssl/ssl-open-source/

I am also concerned that cabal does not have support for SSL, but hackage must come first and at least then a sufficiently paranoid person can download their packages over https and ad them to their cabal sandboxes.

Cheers, Eli

-- Scott Lawrence

Jason Dagit

3:58 p.m.

On Sat, Nov 2, 2013 at 12:25 PM, Eli Frey wrote:

...

Hello all,

It recently came to my attention that hackage is http only. I would love to do anything I can to help hackage support https. What is the process for volunteering with the IHG (I imagine this is the avenue for helping with hackage/haskell.org).

If the IHG is having dificulty getting an SSL certificate, GlobalSign (ful disclosure, they are my employer) provides free certificates to FOSS projects.

Yes! And they have graciously given us an SSL certificate. We are very pleased by that :) Having an SSL certificate is a recent thing for us and the infrastructure team is currently busy wrapping up other tasks. We do have folks assigned to putting the cert in place and configuring everything, they just need a bit more time :) (More volunteers would help too, but that's longer term.) I am also concerned that cabal does not have support for SSL, but hackage

...

must come first and at least then a sufficiently paranoid person can download their packages over https and ad them to their cabal sandboxes.

Yes, this is the next part to tackle. Jason

Eli Frey

4:33 p.m.

...

Yes! And they have graciously given us an SSL certificate. We are very pleased by that :)

Who-da thunk it :). Configuring ssl can be tricky, especially getting it right. I'de love to help if you have any problems. We use sslcheck.x509labs.com internally to make sure everything is working correctly. It even has step-by-step instructions on how to fix some problems.

...

On the other side: cabal, at least, uses the HTTP package, and I've been (slowly) working on adding SSL support.

Oh lovely! I can not find your work through the github repos, but I'd love to take a look and see if I can help. On Sat, Nov 2, 2013 at 12:58 PM, Jason Dagit wrote:

...

On Sat, Nov 2, 2013 at 12:25 PM, Eli Frey wrote:

...
Hello all,

It recently came to my attention that hackage is http only. I would love to do anything I can to help hackage support https. What is the process for volunteering with the IHG (I imagine this is the avenue for helping with hackage/haskell.org).

If the IHG is having dificulty getting an SSL certificate, GlobalSign (ful disclosure, they are my employer) provides free certificates to FOSS projects.

Yes! And they have graciously given us an SSL certificate. We are very pleased by that :)

Having an SSL certificate is a recent thing for us and the infrastructure team is currently busy wrapping up other tasks. We do have folks assigned to putting the cert in place and configuring everything, they just need a bit more time :) (More volunteers would help too, but that's longer term.)

I am also concerned that cabal does not have support for SSL, but hackage

...
must come first and at least then a sufficiently paranoid person can download their packages over https and ad them to their cabal sandboxes.

Yes, this is the next part to tackle.

Jason

Scott Lawrence

4:42 p.m.

On Sat, 2 Nov 2013, Eli Frey wrote:

...

Oh lovely! I can not find your work through the github repos, but I'd love to take a look and see if I can help.

Nothing posted online yet. I'll slap a fork up and post here as soon as it's working enough for multiple eyes to be meaningful (bug finding/fixing etc). -- Scott Lawrence

Johan Tibell

4:34 p.m.

Hi, On Sat, Nov 2, 2013 at 8:25 PM, Eli Frey wrote:

...

I am also concerned that cabal does not have support for SSL, but hackage must come first and at least then a sufficiently paranoid person can download their packages over https and ad them to their cabal sandboxes.

We need an SSL library that cabal can depend on. This means that it needs to be cross-platform, not pull in too many other depedencies, etc. Someone needs to investigate the options and perhaps write a new binding if needed. -- Johan

Scott Lawrence

4:41 p.m.

I believe tls and tls-extra (http://hackage.haskell.org/package/tls-1.1.5) satisfy those requirements, being pure haskell. On Sat, 2 Nov 2013, Johan Tibell wrote:

...

Hi,

On Sat, Nov 2, 2013 at 8:25 PM, Eli Frey wrote:

...
I am also concerned that cabal does not have support for SSL, but hackage must come first and at least then a sufficiently paranoid person can download their packages over https and ad them to their cabal sandboxes.

We need an SSL library that cabal can depend on. This means that it needs to be cross-platform, not pull in too many other depedencies, etc. Someone needs to investigate the options and perhaps write a new binding if needed.

-- Johan

-- Scott Lawrence

Johan Tibell

6:44 p.m.

True. Although to be honest I want something true and tested when it comes to crypto. On Sat, Nov 2, 2013 at 9:41 PM, Scott Lawrence wrote:

...

I believe tls and tls-extra (http://hackage.haskell.org/package/tls-1.1.5) satisfy those requirements, being pure haskell.

On Sat, 2 Nov 2013, Johan Tibell wrote:

Hi,

...
On Sat, Nov 2, 2013 at 8:25 PM, Eli Frey wrote:

I am also concerned that cabal does not have support for SSL, but hackage

...
must come first and at least then a sufficiently paranoid person can download their packages over https and ad them to their cabal sandboxes.

We need an SSL library that cabal can depend on. This means that it needs to be cross-platform, not pull in too many other depedencies, etc. Someone needs to investigate the options and perhaps write a new binding if needed.

-- Johan

-- Scott Lawrence

John Wiegley

3 Nov 3 Nov

2:02 a.m.

...

...
...
...
...
Johan Tibell writes:

...

True. Although to be honest I want something true and tested when it comes to crypto.

Although in this case, the worst scenario is that we return to parity with the status quo (i.e., the security lib is worthless and we revert back to having no security). -- John Wiegley FP Complete Haskell tools, training and consulting http://fpcomplete.com johnw on #haskell/irc.freenode.net

Scott Lawrence

4:48 a.m.

One could argue that the potential for a false sense of security could make (very) bad encryption worse than no encryption. Personally, I've always been a bit uncomfortable with the small number of widely-used implementations (AFAIK OpenSSL and GnuTLS combined account for pretty much all TLS-using open-source software), and I think pushing another one into wider usage would be a good thing (while acknowledging that it's likely more vulnerable than the older implementations). On Sun, 3 Nov 2013, John Wiegley wrote:

...

...
...
...
...
...
Johan Tibell writes:

...
True. Although to be honest I want something true and tested when it comes to crypto.

Although in this case, the worst scenario is that we return to parity with the status quo (i.e., the security lib is worthless and we revert back to having no security).

-- John Wiegley FP Complete Haskell tools, training and consulting http://fpcomplete.com johnw on #haskell/irc.freenode.net _______________________________________________ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe

-- Scott Lawrence

Vincent Hanquez

4 Nov 4 Nov

1:24 a.m.

On 2013-11-03 17:48, Scott Lawrence wrote:

...

One could argue that the potential for a false sense of security could make (very) bad encryption worse than no encryption.

Well. No, false sense of security is bad, however is has no link with your absolute level of security. Even bad cryptographic implementation provide some security in a sense, at worse by obscurity (which is very poor security, but not zero), and In the best case (of the bad) a rather hard problem for resource-less people. Now i'm not saying that bad implementations are OK, and certainly I hope that's not the case in tls, but in the context where we got nothing, just as John Wiegley rightfully mentioned, the risk is quite small. it's rather sad to see the "i'ld rather have *no* security whatsoever, than maybe have some" hard line.

...

Personally, I've always been a bit uncomfortable with the small number of widely-used implementations (AFAIK OpenSSL and GnuTLS combined account for pretty much all TLS-using open-source software), and I think pushing another one into wider usage would be a good thing (while acknowledging that it's likely more vulnerable than the older implementations).

That, and also that half of openssl CVE in the past 20 years were buffer overflow/underflow. Nothing to do with cryptography, but rather just simple memory management. I think this got to give some security points for a (mostly) haskell implementation. -- Vincent

Carter Schonwald

1:37 a.m.

broadly speaking, believing that a communication is secure/valid changes the behavior of communicating participants vs if communication is not secure. this is how most social engineering security issues come to pass. for matters of security, being conversative about possible risks is a responsible strategy. That said, if some folks comfortable with security and the like could do some white hat auditing/hammering on hs-tls, I think that would be the *ideal* way to help get buy in to that proposed approach. (not sure if such volunteers exist, but that would be the ideal scenario). I could ask 1-2 folks i know if they have any suggestions. On Mon, Nov 4, 2013 at 1:24 AM, Vincent Hanquez wrote:

...

On 2013-11-03 17:48, Scott Lawrence wrote:

...
One could argue that the potential for a false sense of security could make (very) bad encryption worse than no encryption.

Well. No, false sense of security is bad, however is has no link with your absolute level of security.

Even bad cryptographic implementation provide some security in a sense, at worse by obscurity (which is very poor security, but not zero), and In the best case (of the bad) a rather hard problem for resource-less people.

Now i'm not saying that bad implementations are OK, and certainly I hope that's not the case in tls, but in the context where we got nothing, just as John Wiegley rightfully mentioned, the risk is quite small.

it's rather sad to see the "i'ld rather have *no* security whatsoever, than maybe have some" hard line.

Personally, I've always been a bit uncomfortable with the small number of

...
widely-used implementations (AFAIK OpenSSL and GnuTLS combined account for pretty much all TLS-using open-source software), and I think pushing another one into wider usage would be a good thing (while acknowledging that it's likely more vulnerable than the older implementations).

That, and also that half of openssl CVE in the past 20 years were buffer overflow/underflow. Nothing to do with cryptography, but rather just simple memory management. I think this got to give some security points for a (mostly) haskell implementation.

-- Vincent

_______________________________________________ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe

Vincent Hanquez

2:13 a.m.

On 2013-11-04 14:37, Carter Schonwald wrote:

...

broadly speaking, believing that a communication is secure/valid changes the behavior of communicating participants vs if communication is not secure. this is how most social engineering security issues come to pass.

for matters of security, being conversative about possible risks is a responsible strategy.

I agree. But security is not a boolean value. People using openssl shouldn't necessarily think they have nothing to worry about because "it's the most widely used SSL implementation" or because "it's widely audited". So it's rather a good idea to be conversative beyond just your choice of implementation, and always looks at the social side and the wide context (what i'm protecting against, and what are the risks) For all you know, the <insert bad guy> could already be in possession of the RSA key of the server you're communicating with, rendering which implementation you're using moot. In the context of hackage, this is why i think it's important to also get package signing (multi layered security). SSL/TLS is just one facet of the problem.

...

That said, if some folks comfortable with security and the like could do some white hat auditing/hammering on hs-tls, I think that would be the *ideal* way to help get buy in to that proposed approach. (not sure if such volunteers exist, but that would be the ideal scenario). I could ask 1-2 folks i know if they have any suggestions.

I would be extremely happy to see more of this happening. In a near future, and related to my haskell crypto platform (HCP) effort, I want to add notes/comment/warnings to places where some constructions are probably not ideal, until I got time to actually fix them. I'm hoping that could help with, where to look at issues first. -- Vincent

Donn Cave

3 Nov 3 Nov

12:02 p.m.

Quoth Johan Tibell, [ ... Re Haskell TLS implementation ]

...

True. Although to be honest I want something true and tested when it comes to crypto.

Don't believe in security by obscurity? How strongly do you feel about the cross platform and dependency issues? When I needed SSL encryption, I whipped up a little module with foreign calls to OpenSSL. For an ordinary client, which is all I use it for any more, it's a simple interface -- init, connect, read, write, a couple error functions. I have to link -lssl -lcrypto. The great thing about this is, not only do I have a high degree of confidence in the implementation, I don't expect it to _ever_ change in a way that will inconvenience me. If my application ever needs to work on a platform with a different SSL, just need a new module with init/connect/write etc. Does that seem like a possibility, just write minimal interfaces to existing platform standard SSL implementations, and move on to more interesting problems? Or is this really an area with interesting problems of its own that I'm missing? Donn

Mike Izbicki

12:35 p.m.

What's the standard practice for how FOSS software actually keeps a private key private? This requirement is rather counter cultural, and so I imagine it's often not done in a robust way. Do you typically just trust that whomever is in charge of the project didn't make any mistakes in the installation and didn't sellout the key to someone else? Or is there a way for other eyes to verify that everything happened correctly without exposing the private key to every contributor? On Sun, Nov 3, 2013 at 9:02 AM, Donn Cave wrote:

...

Quoth Johan Tibell, [ ... Re Haskell TLS implementation ]

...
True. Although to be honest I want something true and tested when it comes to crypto.

Don't believe in security by obscurity?

How strongly do you feel about the cross platform and dependency issues?

When I needed SSL encryption, I whipped up a little module with foreign calls to OpenSSL. For an ordinary client, which is all I use it for any more, it's a simple interface -- init, connect, read, write, a couple error functions. I have to link -lssl -lcrypto. The great thing about this is, not only do I have a high degree of confidence in the implementation, I don't expect it to _ever_ change in a way that will inconvenience me. If my application ever needs to work on a platform with a different SSL, just need a new module with init/connect/write etc.

Does that seem like a possibility, just write minimal interfaces to existing platform standard SSL implementations, and move on to more interesting problems? Or is this really an area with interesting problems of its own that I'm missing?

Donn _______________________________________________ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe

Scott Lawrence

12:49 p.m.

Even if you do expose the private key to other people, there's no way for them to know that the administrator didn't also send it somewhere else -- you can't prove that somebody hasn't duplicated information, without making sure they don't have access to the information (which the admin must). At the end of the day, trusting admins is what almost always happens. The other route is for packages to be individually signed by developers. As I recall, that's been explicitly discussed and informally rejected here before, on the grounds that it makes the uploading process significantly more cumbersome for many people. On Sun, 3 Nov 2013, Mike Izbicki wrote:

...

What's the standard practice for how FOSS software actually keeps a private key private? This requirement is rather counter cultural, and so I imagine it's often not done in a robust way.

Do you typically just trust that whomever is in charge of the project didn't make any mistakes in the installation and didn't sellout the key to someone else? Or is there a way for other eyes to verify that everything happened correctly without exposing the private key to every contributor?

On Sun, Nov 3, 2013 at 9:02 AM, Donn Cave wrote:

...
Quoth Johan Tibell, [ ... Re Haskell TLS implementation ]

...
True. Although to be honest I want something true and tested when it comes to crypto.

Don't believe in security by obscurity?

How strongly do you feel about the cross platform and dependency issues?

When I needed SSL encryption, I whipped up a little module with foreign calls to OpenSSL. For an ordinary client, which is all I use it for any more, it's a simple interface -- init, connect, read, write, a couple error functions. I have to link -lssl -lcrypto. The great thing about this is, not only do I have a high degree of confidence in the implementation, I don't expect it to _ever_ change in a way that will inconvenience me. If my application ever needs to work on a platform with a different SSL, just need a new module with init/connect/write etc.

Does that seem like a possibility, just write minimal interfaces to existing platform standard SSL implementations, and move on to more interesting problems? Or is this really an area with interesting problems of its own that I'm missing?

Donn _______________________________________________ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe

-- Scott Lawrence

Niklas Hambüchen

1:19 p.m.

On 03/11/13 17:49, Scott Lawrence wrote:

...

Even if you do expose the private key to other people, there's no way for them to know that the administrator didn't also send it somewhere else -- you can't prove that somebody hasn't duplicated information, without making sure they don't have access to the information (which the admin must).

At the end of the day, trusting admins is what almost always happens. The other route is for packages to be individually signed by developers. As I recall, that's been explicitly discussed and informally rejected here before, on the grounds that it makes the uploading process significantly more cumbersome for many people.

It is clear that putting HTTPS on the Hackage web site is the first step. Then comes cabal SSL support, and then maybe in the future the package signing. Once again, could we please just go ahead and push forward that the SSL certificate gets on the web server? As Jason Dagit said: We do have folks assigned to putting the cert in place and configuring everything, they just need a bit more time (More volunteers would help too, but that's longer term.) Who are the folks, and what needs more time? There seem to be a lot of volunteers around who would like to help (for example, I have asked for this multiple times over the last years and this thread shows that there are many more people interested in it).

Carter Schonwald

1:27 p.m.

Theres a Haskell-infrastructure team that is now managing much of the community infrastructure, talk with them if you want to get involved. they're often found on the #haskell-infrastructure irc channel on freenode and they're amazingly responsive (despite being all volunteers) On Sun, Nov 3, 2013 at 1:19 PM, Niklas Hambüchen wrote:

...

On 03/11/13 17:49, Scott Lawrence wrote:

...
Even if you do expose the private key to other people, there's no way for them to know that the administrator didn't also send it somewhere else -- you can't prove that somebody hasn't duplicated information, without making sure they don't have access to the information (which the admin must).

At the end of the day, trusting admins is what almost always happens. The other route is for packages to be individually signed by developers. As I recall, that's been explicitly discussed and informally rejected here before, on the grounds that it makes the uploading process significantly more cumbersome for many people.

It is clear that putting HTTPS on the Hackage web site is the first step.

Then comes cabal SSL support, and then maybe in the future the package signing.

Once again, could we please just go ahead and push forward that the SSL certificate gets on the web server?

As Jason Dagit said:

We do have folks assigned to putting the cert in place and configuring everything, they just need a bit more time (More volunteers would help too, but that's longer term.)

Who are the folks, and what needs more time?

There seem to be a lot of volunteers around who would like to help (for example, I have asked for this multiple times over the last years and this thread shows that there are many more people interested in it). _______________________________________________ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe

Gershom Bazerman

2 p.m.

On various topics: Security is a multifaceted beast with many related issues, depending on which attack vectors we're concerned about, with what degree of assurance. Ultimately, we rely on trusted parties, and so of course don't have a defense (other than 'many eyes') if someone were to hand e.g. SPJ or Austin or the maintainer of a key package in the Platform a swiss bank account with some quantity of gold sufficient to induce them to put in a backdoor, or perhaps just steal their computers, passwords, and keys to put in a backdoor themselves. That said, even if we consider that we 'trust' key individuals involved, as well as the security of their keys and identity, we still have other vectors to prevent. Here's my summary of what I understand (thanks to Duncan for helping me sort this out on IRC. Most insights his, all omissions mine). 1) Only those individuals who own packages should be able to upload their packages. A) This is solvable soon and directly by adding SSL to hackage, so that they can upload (via the web interface) in a secure manner. B) To upload securely via "cabal upload" we'll need cabal to have access to the right secure protocols. C) The "easy" answer here is to shell out to curl or the like, and place the obligation on the end user to have the right security-enabled binaries on their system. D) Other than that, we need to use e.g. "tls" and "tls-extras" E) To trust those, we should encourage outreach to the security community as a whole to examine, harden, etc. the code. It is in the interests of many, not just in the haskell world, to have more, different, and reliable open-source implementations of our open protocols for secure communication. F) Even if we don't 'trust' tls sufficiently to bless it for the platform, we can still bake it into platform-distributed cabal-install binaries, as better than nothing. 2) When I download a package, I should be able to trust that the package I download is one uploaded by a verified uploader. A) This is about signing and verification, not a secure protocol as such. B) It requires a different design. The library support is easier than that for SSL. However, there are more options for "how verified" we want the chain of trust to be -- is it sufficient for hackage to sign the tarballs, or do we want to let users sign their own tarballs and allow verification of that, etc. On a related topic: On 11/3/13 1:19 PM, Niklas Hambüchen wrote:

...

There seem to be a lot of volunteers around who would like to help (for example, I have asked for this multiple times over the last years and this thread shows that there are many more people interested in it).

What we need is not a 'drive by' volunteer just for one-time certificate deployment (which is easy). Volunteers for hackage and cabal to tackle the bigger technical issues described above would be much more important. Join the cabal-devel mailinglist, or hang out in #hackage on irc, or both. On reducing the load on the core infra team, what would be best is people able to devote a consistent (even if small) amount of time on a prolonged basis. Someone familiar with various virtualization technologies and deployment on linux would be ideal. Join the #haskell-infrastructure channel on irc, the haskell-infrastructure list hosted by galois, email admin@haskell.org, or email me directly, and we'll see where you might fit in best. It's great if people want to jump in -- there's plenty of work to be done. Let's centralize what people have to offer, so that we can work most efficiently! Cheers, Gershom

Eli Frey

3:40 p.m.

...

Theres a Haskell-infrastructure team that is now managing much of the community infrastructure, talk with them if you want to get involved. they're often found on the #haskell-infrastructure irc channel on freenode and they're amazingly responsive (despite being all volunteers)

...

What we need is not a 'drive by' volunteer just for one-time certificate deployment (which is easy). Volunteers for hackage and cabal to tackle the bigger technical issues described above would be much more important. Join the cabal-devel mailinglist, or hang out in #hackage on irc, or both.

Good points, I'll quit back seat driving :P. On Sun, Nov 3, 2013 at 11:00 AM, Gershom Bazerman wrote:

...

On various topics:

Security is a multifaceted beast with many related issues, depending on which attack vectors we're concerned about, with what degree of assurance.

Ultimately, we rely on trusted parties, and so of course don't have a defense (other than 'many eyes') if someone were to hand e.g. SPJ or Austin or the maintainer of a key package in the Platform a swiss bank account with some quantity of gold sufficient to induce them to put in a backdoor, or perhaps just steal their computers, passwords, and keys to put in a backdoor themselves.

That said, even if we consider that we 'trust' key individuals involved, as well as the security of their keys and identity, we still have other vectors to prevent. Here's my summary of what I understand (thanks to Duncan for helping me sort this out on IRC. Most insights his, all omissions mine).

1) Only those individuals who own packages should be able to upload their packages. A) This is solvable soon and directly by adding SSL to hackage, so that they can upload (via the web interface) in a secure manner. B) To upload securely via "cabal upload" we'll need cabal to have access to the right secure protocols. C) The "easy" answer here is to shell out to curl or the like, and place the obligation on the end user to have the right security-enabled binaries on their system. D) Other than that, we need to use e.g. "tls" and "tls-extras" E) To trust those, we should encourage outreach to the security community as a whole to examine, harden, etc. the code. It is in the interests of many, not just in the haskell world, to have more, different, and reliable open-source implementations of our open protocols for secure communication. F) Even if we don't 'trust' tls sufficiently to bless it for the platform, we can still bake it into platform-distributed cabal-install binaries, as better than nothing.

2) When I download a package, I should be able to trust that the package I download is one uploaded by a verified uploader. A) This is about signing and verification, not a secure protocol as such. B) It requires a different design. The library support is easier than that for SSL. However, there are more options for "how verified" we want the chain of trust to be -- is it sufficient for hackage to sign the tarballs, or do we want to let users sign their own tarballs and allow verification of that, etc.

On a related topic:

On 11/3/13 1:19 PM, Niklas Hambüchen wrote:

...
There seem to be a lot of volunteers around who would like to help (for example, I have asked for this multiple times over the last years and this thread shows that there are many more people interested in it).

What we need is not a 'drive by' volunteer just for one-time certificate deployment (which is easy). Volunteers for hackage and cabal to tackle the bigger technical issues described above would be much more important. Join the cabal-devel mailinglist, or hang out in #hackage on irc, or both.

On reducing the load on the core infra team, what would be best is people able to devote a consistent (even if small) amount of time on a prolonged basis. Someone familiar with various virtualization technologies and deployment on linux would be ideal. Join the #haskell-infrastructure channel on irc, the haskell-infrastructure list hosted by galois, email admin@haskell.org, or email me directly, and we'll see where you might fit in best. It's great if people want to jump in -- there's plenty of work to be done. Let's centralize what people have to offer, so that we can work most efficiently!

Cheers, Gershom

_______________________________________________ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe

Vincent Hanquez

4 Nov 4 Nov

1:57 a.m.

On 2013-11-04 03:00, Gershom Bazerman wrote:

...

On various topics:

Security is a multifaceted beast with many related issues, depending on which attack vectors we're concerned about, with what degree of assurance.

Ultimately, we rely on trusted parties, and so of course don't have a defense (other than 'many eyes') if someone were to hand e.g. SPJ or Austin or the maintainer of a key package in the Platform a swiss bank account with some quantity of gold sufficient to induce them to put in a backdoor, or perhaps just steal their computers, passwords, and keys to put in a backdoor themselves.

That said, even if we consider that we 'trust' key individuals involved, as well as the security of their keys and identity, we still have other vectors to prevent. Here's my summary of what I understand (thanks to Duncan for helping me sort this out on IRC. Most insights his, all omissions mine).

1) Only those individuals who own packages should be able to upload their packages. A) This is solvable soon and directly by adding SSL to hackage, so that they can upload (via the web interface) in a secure manner. B) To upload securely via "cabal upload" we'll need cabal to have access to the right secure protocols. C) The "easy" answer here is to shell out to curl or the like, and place the obligation on the end user to have the right security-enabled binaries on their system. D) Other than that, we need to use e.g. "tls" and "tls-extras" E) To trust those, we should encourage outreach to the security community as a whole to examine, harden, etc. the code. It is in the interests of many, not just in the haskell world, to have more, different, and reliable open-source implementations of our open protocols for secure communication. F) Even if we don't 'trust' tls sufficiently to bless it for the platform, we can still bake it into platform-distributed cabal-install binaries, as better than nothing.

2) When I download a package, I should be able to trust that the package I download is one uploaded by a verified uploader. A) This is about signing and verification, not a secure protocol as such. B) It requires a different design. The library support is easier than that for SSL. However, there are more options for "how verified" we want the chain of trust to be -- is it sufficient for hackage to sign the tarballs, or do we want to let users sign their own tarballs and allow verification of that, etc.

This is a very good list. 1) c) I think "shelling out" is probably the best idea: * it doesn't cost much on cabal infrastructure and its maintenance * it doesn't add any dependencies * it allow user to replace their binaries by custom solutions if needed. With this in place, even tls doesn't necessary have to be favorited. 2) b) similar to the uploading/downloading, if you have a special binary somewhere, it would use it to automatically insert signatures (at sdist time), and verify packages when needed. -- Vincent

Brandon Allbery

3 Nov 3 Nov

3:38 p.m.

On Sun, Nov 3, 2013 at 12:02 PM, Donn Cave wrote:

...

not only do I have a high degree of confidence in the implementation, I don't expect it to _ever_ change in a way that will inconvenience me.

Not familiar with how OpenSSL handles compatibility, I take it? I have no such confidence. -- brandon s allbery kf8nh sine nomine associates allbery.b@gmail.com ballbery@sinenomine.net unix, openafs, kerberos, infrastructure, xmonad http://sinenomine.net

Vincent Hanquez

4 Nov 4 Nov

1:35 a.m.

On 2013-11-04 01:02, Donn Cave wrote:

...

How strongly do you feel about the cross platform and dependency issues? Quite ? I think that would be rather bad to have cabal have ssl on unix, but not on MacOSX and Windows.

...

When I needed SSL encryption, I whipped up a little module with foreign calls to OpenSSL. For an ordinary client, which is all I use it for any more, it's a simple interface -- init, connect, read, write, a couple error functions. I have to link -lssl -lcrypto. The great thing about this is, not only do I have a high degree of confidence in the implementation, I don't expect it to _ever_ change in a way that will inconvenience me. If my application ever needs to work on a platform with a different SSL, just need a new module with init/connect/write etc.

Does that seem like a possibility, just write minimal interfaces to existing platform standard SSL implementations, and move on to more interesting problems? Or is this really an area with interesting problems of its own that I'm missing?

I think that's the best alternative (provided wide spread non support for tls), except there's no platform standards (think about chromium, and mozilla cases for a very similar problem), and it's probably going to be "interesting" to maintain (as in it take probably quite a bit of resource for browsers to keep on top). -- Vincent

Carter Schonwald

1:39 a.m.

agreed, would likely be a portability nightmare, and the cabal devs have enough on their plate as is! On Mon, Nov 4, 2013 at 1:35 AM, Vincent Hanquez wrote:

...

On 2013-11-04 01:02, Donn Cave wrote:

...
How strongly do you feel about the cross platform and dependency issues?

Quite ? I think that would be rather bad to have cabal have ssl on unix, but not on MacOSX and Windows.

When I needed SSL encryption, I whipped up a little module with foreign

...
calls to OpenSSL. For an ordinary client, which is all I use it for any more, it's a simple interface -- init, connect, read, write, a couple error functions. I have to link -lssl -lcrypto. The great thing about this is, not only do I have a high degree of confidence in the implementation, I don't expect it to _ever_ change in a way that will inconvenience me. If my application ever needs to work on a platform with a different SSL, just need a new module with init/connect/write etc.

Does that seem like a possibility, just write minimal interfaces to existing platform standard SSL implementations, and move on to more interesting problems? Or is this really an area with interesting problems of its own that I'm missing?

I think that's the best alternative (provided wide spread non support for tls), except there's no platform standards (think about chromium, and mozilla cases for a very similar problem), and it's probably going to be "interesting" to maintain (as in it take probably quite a bit of resource for browsers to keep on top).

-- Vincent

_______________________________________________ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe

Michael Snoyman

1:55 a.m.

FWIW, I went through this exact decision making process about 2 years ago when working on TLS support in http-conduit[1] and came to the conclusion that the best choice by far was using Vincent's tls package. I've been very happy with the results. Not only is Yesod used on a number of platforms, but I've shipped commercial software to both Windows and Mac, and having one less system library to worry about saved me lots of pain[2]. [1] Actually, the only reason I ever wrote http-conduit instead of just using HTTP was that I needed TLS support for OpenID, and I could never get the existing TLS-in-HTTP-package solutions to work. [2] An example to the contrary to text-icu, which to this day I cannot reliably get installed on a Windows system. On Mon, Nov 4, 2013 at 8:39 AM, Carter Schonwald

...

wrote:

...

agreed, would likely be a portability nightmare, and the cabal devs have enough on their plate as is!

On Mon, Nov 4, 2013 at 1:35 AM, Vincent Hanquez wrote:

...
On 2013-11-04 01:02, Donn Cave wrote:

...
How strongly do you feel about the cross platform and dependency issues?

Quite ? I think that would be rather bad to have cabal have ssl on unix, but not on MacOSX and Windows.

When I needed SSL encryption, I whipped up a little module with foreign

...
calls to OpenSSL. For an ordinary client, which is all I use it for any more, it's a simple interface -- init, connect, read, write, a couple error functions. I have to link -lssl -lcrypto. The great thing about this is, not only do I have a high degree of confidence in the implementation, I don't expect it to _ever_ change in a way that will inconvenience me. If my application ever needs to work on a platform with a different SSL, just need a new module with init/connect/write etc.

Does that seem like a possibility, just write minimal interfaces to existing platform standard SSL implementations, and move on to more interesting problems? Or is this really an area with interesting problems of its own that I'm missing?

I think that's the best alternative (provided wide spread non support for tls), except there's no platform standards (think about chromium, and mozilla cases for a very similar problem), and it's probably going to be "interesting" to maintain (as in it take probably quite a bit of resource for browsers to keep on top).

-- Vincent

_______________________________________________ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe

_______________________________________________ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe

Chris Dornan

2:10 a.m.

And some of us have been relying on Vincent's tis package for our production code and would very much like to see it in the platform. And surely we do need a cross-platform solution. Chris From: Michael Snoyman Date: Monday, 4 November 2013 06:55 To: Carter Schonwald Cc: Haskell-Cafe Subject: Re: [Haskell-cafe] SSL support for hackage and cabal FWIW, I went through this exact decision making process about 2 years ago when working on TLS support in http-conduit[1] and came to the conclusion that the best choice by far was using Vincent's tls package. I've been very happy with the results. Not only is Yesod used on a number of platforms, but I've shipped commercial software to both Windows and Mac, and having one less system library to worry about saved me lots of pain[2]. [1] Actually, the only reason I ever wrote http-conduit instead of just using HTTP was that I needed TLS support for OpenID, and I could never get the existing TLS-in-HTTP-package solutions to work. [2] An example to the contrary to text-icu, which to this day I cannot reliably get installed on a Windows system. On Mon, Nov 4, 2013 at 8:39 AM, Carter Schonwald wrote:

...

agreed, would likely be a portability nightmare, and the cabal devs have enough on their plate as is!

On Mon, Nov 4, 2013 at 1:35 AM, Vincent Hanquez wrote:

...
On 2013-11-04 01:02, Donn Cave wrote:

...
How strongly do you feel about the cross platform and dependency issues? Quite ? I think that would be rather bad to have cabal have ssl on unix, but not on MacOSX and Windows.

...
When I needed SSL encryption, I whipped up a little module with foreign calls to OpenSSL. For an ordinary client, which is all I use it for any more, it's a simple interface -- init, connect, read, write, a couple error functions. I have to link -lssl -lcrypto. The great thing about this is, not only do I have a high degree of confidence in the implementation, I don't expect it to _ever_ change in a way that will inconvenience me. If my application ever needs to work on a platform with a different SSL, just need a new module with init/connect/write etc.

Does that seem like a possibility, just write minimal interfaces to existing platform standard SSL implementations, and move on to more interesting problems? Or is this really an area with interesting problems of its own that I'm missing?

I think that's the best alternative (provided wide spread non support for tls), except there's no platform standards (think about chromium, and mozilla cases for a very similar problem), and it's probably going to be "interesting" to maintain (as in it take probably quite a bit of resource for browsers to keep on top).

-- Vincent

_______________________________________________ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe http://www.haskell.org/mailman/listinfo/haskell-cafe

_______________________________________________ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe

_______________________________________________ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe

4217

Age (days ago)

4219

Last active (days ago)

List overview

Download

25 comments

14 participants

participants (14)

Brandon Allbery
Carter Schonwald
Chris Dornan
Donn Cave
Eli Frey
Gershom Bazerman
Jason Dagit
Johan Tibell
John Wiegley
Michael Snoyman
Mike Izbicki
Niklas Hambüchen
Scott Lawrence
Vincent Hanquez