New PGP keys have been published.
Fingerprint | UID ----------------------------------------------------------------------------------- B84E 1774 7616 C617 4C68 D5E5 5C1A 7B71 2812 CC05 | Mark Raynsford (2018 personal) F8C3 C5B8 C86A 95F7 42B9 36D2 97E0 2011 0410 DFAF | io7m.com (2018 release-signing)
See the the previous blog post:
$ gpg --recv-keys 8168DAE22B15D3EDC722C23D0F15B7D06FA80CB8 $ wget -r http://blog.io7m.com $ cd blog.io7m.com $ gpg < checksum.asc | sha512sum --check
Better.
This blog was designed to be verifiable:
$ gpg --recv-keys 8168DAE22B15D3EDC722C23D0F15B7D06FA80CB8
$ wget -r http://blog.io7m.com
$ find blog.io7m.com -name '*.asc' -exec gpg --verify {} \;
Note that the 8168DAE22B15D3EDC722C23D0F15B7D06FA80CB8 key ID assumes
you're reading this in 2017. By the time 2018 comes around, this blog
will be signed with a new key (and a new one for each passing year).
Possible points of failure:
A malicious actor gets the remote keyserver to serve a
different key than the one with fingerprint
8168DAE22B15D3EDC722C23D0F15B7D06FA80CB8. Does gnupg
verify that a received key had the fingerprint that the
user specified on the command line? What if the user
specified my name and key comment instead of a fingerprint?
The actor at this point might be able to convince you that
the signatures on files on blog.io7m.com are invalid. It
might be able to convince you that its own key is mine.
A malicious actor modifies the files and signatures when
wget downloads them. The actor can't generate valid signatures
for the key 8168DAE22B15D3EDC722C23D0F15B7D06FA80CB8 (unless
it can break RSA), but it can try to convince you that its own
key is actually my key and therefore have you trust that the
data you're seeing is unmodified and was signed by me. If the
actor managed to perform step 1 above, then you're completely
compromised.
A malicious actor removes some of the signatures. If you didn't
know exactly how many pages there should be, you'd not notice
if gpg didn't verify one of them.
Step 1 has no technical solution; you need to verify the keys you receive and check the signatures on those keys assuming they come from other keys that you trust. If you're lucky, there is a chain of signatures leading to a key that you do trust with certainty. I have yearly expiring keys, and I sign each new year's keys with the old keys. Unless my keys have been compromised yearly, there's a reasonable chance that the keys you see are mine!
Step 2 is partially mitigated by https, assuming that the actor
doesn't have backdoor access to the CA issuing the certificate.
The actor can have the CA issue a new certificate, redirect you
to a server that the actor controls, decrypt the traffic, modify
it, and then re-encrypt it. You'd never know anything was wrong.
Step 3 is manually mitigated by reading the posts by year
page and checking that you have at least as many signatures as
pages. I may start publishing a CHECKSUMS file that just contains
signed SHA512 hashes of every file on the site.
I'm considering using keybase in addition to publishing PGP keys on the public keyservers. I don't do social media, so I'm not sure how much it'd apply to me. I do use GitHub heavily though.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 2017-12-17T14:19:49+0000 Pushed a new key for signing commits in Android work. I'll still be releasing new personal and release signing keys in January (and I'll be switching to ed25519 keys from RSA). E134 3512 A805 115A C1A0 1D15 C578 C3C0 C9B1 2BFF Mark Raynsford (2018 android commit signing) -----BEGIN PGP SIGNATURE----- iQJCBAEBCgAsFiEEgWja4isV0+3HIsI9DxW30G+oDLgFAlo2fa4OHG1hcmtAaW83 bS5jb20ACgkQDxW30G+oDLjKiA/9HRrc0F7d/4C4ybdKFpp8N3S/RT/NJLfrYOTV XQvt9Nw+eJydsygY8IbaZiWo9hkxddI1DLuWtahcrXFWGQ/VpAUmZcIondaJzLna 42Ui5jFpkweOVH2VYmuuDTV5rpkfH7IkTml5m2OsnsVU4hO9V1DGoNL+/5p2xv0E sLkopFX/9qaRtw0qJ7u8Bl5217kodlI2inEMfomI8QcMp+JarkTogEdkkzFBz7Qo /XGevkdeIBMCQ0NpsvoQmclGbgOtu6js1LvoQjDaXoVtT1yyIM831FDgFxbKCMw8 gzxx0f/TZjoRizIE0fNIwPmLYG5HXLCt6wN7iT6MYhp7ijBABZB8tH7cffCF1sM5 QE+eg8bzOL4FT57XLPpp9eDXZmLqmy6EdrWedaWughPPjUofqaIw0Bar1iIp4pY0 lIkAUTsqtEI32sAdInJ0PPar8nYVM8COSoyZ08kdxImO3DHRGerI7DSi88JpTiRy vX96LZ0UvwyUhFxUSJQuxXYd82bQgoBhdjsLWiurZZYdZC5EGCwA7m5zapLWF76m SJloK1ogK628TygNrhnNNsUirrEsDJM2CaNnp8/viN1eFlWMb13dgyLOQijyFyYV 8Q56XeILyckUY3ERw+v5BPN5g3qdF4nL5O23L3zrSQKcn6yUGgcFa6gia9cc1/Hm EiTv9cc= =D3uo -----END PGP SIGNATURE-----
I initially wrote jstructural as a set of XSLT stylesheets. That quickly became unmaintainable as the complexity of the stylesheets increased. I rewrote them in Java. I eventually got tired of writing documentation in XML (I didn't know that better XML editors existed) so I ended up wanting to add the ability to write documents as S-expressions.
The right way to do this was to redesign jstructural so that it defined
a core AST type and added multiple parsers that all
produced values of this core type. Converting between documents of different
types would then be a matter of parsing using one syntax, and then serializing
the AST using another.
The most natural way to express an AST is as a large algebraic data type.
Java doesn't have direct support for these yet (although it's slowly getting
them via Project Amber). I therefore
looked at other JVM languages that did support them, and the choice was either
Scala or Kotlin. I
chose Kotlin, after multiple nasty experiences with Scala. kstructural
was born.
Fast forward to the present day, and I'm utterly sick of working on Kotlin code. The tools are slow. Compilation is slow. The people in charge of the ecosystem think devolving to special snowflake imperative build tools like Gradle is a good idea.
I'm going to do a new Java implementation of the structural language,
and I'm probably going to redesign the language to make it even easier
to implement. Nowadays, XML editing is fast and painless thanks to various
tools (with real-time validation errors). XOM is essentially
unmaintained, so I'll replace the XML parsing code with an efficient SAX
parser (and actually get lexical information in the parsed AST, unlike with
XOM).