
No Signing of Packages

Open dstufft opened this issue 12 years ago • 10 comments

There is no real and useful signing of packages. It would be great to have this to ensure download and upload integrity.

This is likely going to be solved with the possible introduction of TUF at a future point in time.

dstufft avatar Nov 02 '13 23:11 dstufft

Considering the Rubygems hack of early this year and the attack on Python's wiki infrastructure I'm not sure we can afford to wait for 'a future point in time'.

The seemingly standard way of doing this is to provide a GPG signed checksums file containing a hash of every file in the package. The issue usually is that not everyone verifies those because GPG can be a wee bit confusing to people and there's no guarantee the developer actually securely manages and stores his GPG key.

daenney avatar Nov 03 '13 10:11 daenney

By "a future point in time", Donald actually means "the researchers behind The Update Framework are actively working on a solution that will actually be used, unlike GPG signing which is technically already supported, but nobody actually uses due to the key management problem".

TUF website: http://www.updateframework.com/projects/project
Mailing list: https://groups.google.com/forum/?fromgroups#!forum/theupdateframework

The Rubygems compromise was indeed a wake-up call that finally silenced a lot of people that had been objecting to attempts at hardening the distribution ecosystem as not worth the effort, and many security improvements have been made since then. The challenge the TUF folks are tackling is making it possible to survive a compromise of PyPI (at least for higher profile packages) without substantially raising the barrier to entry for new users distributing their first packages.

ncoghlan avatar Nov 03 '13 12:11 ncoghlan

Oh, nice, according to Trishank's latest update to the TUF list, the first public draft of their PEP should be published any day now: https://groups.google.com/forum/?fromgroups#!topic/theupdateframework/clYqvu8KzZ8

ncoghlan avatar Nov 03 '13 12:11 ncoghlan

My apologies, when people say things like 'a future point in time' I've come to interpret that as "when pigs can fly".

daenney avatar Nov 03 '13 12:11 daenney

In this case, "after Python 3.4 and pip 1.5" is the main meaning (we had to scale several things back to focus on what was needed to meet the Python 3.4 deadlines for PEP 453).

ncoghlan avatar Nov 03 '13 21:11 ncoghlan

Existing gpg signatures which are uploaded aren't actually verified right? It'd be nice if that was an option.

alex avatar Nov 03 '13 22:11 alex
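The two comments above describe the same consumer-side check from different angles: a GPG-signed checksums file that lists a hash for every file in a release, and the observation that uploaded signatures are only useful if someone actually verifies them. The following is an added example, not code from this issue thread or from any PyPA project. It models that check in Python: the release files and the SHA256SUMS-style manifest are constructed inline so the hashing part runs offline; the signature step shells out to the real `gpg --verify` and reports "unverified" rather than "ok" when gpg is absent, so the caller can never mistake a skipped check for a passed one. The file names and bytes are made up.

```python
"""Consumer-side verification of a signed checksum manifest.

Added example (not from the packaging-problems thread). Models the pattern
described in the discussion: a manifest with one SHA-256 line per release
file, plus a detached GPG signature over that manifest.
"""
import hashlib
import shutil
import subprocess
from typing import Dict, Optional

# Constructed sample release files (name -> bytes). Not real package contents.
RELEASE_FILES: Dict[str, bytes] = {
    "example_pkg-1.0.tar.gz": b"not a real tarball, just sample bytes\n",
    "example_pkg-1.0-py3-none-any.whl": b"not a real wheel either\n",
}

HEX_DIGITS = set("0123456789abcdef")


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_manifest(files: Dict[str, bytes]) -> str:
    """Produce a SHA256SUMS-style manifest: '<hex>  <filename>' per line."""
    return "".join(f"{sha256_hex(data)}  {name}\n" for name, data in files.items())


def parse_manifest(text: str) -> Dict[str, str]:
    """Parse '<hex>  <filename>' lines. Malformed lines are an error, not skipped:
    silently dropping a line would let a file go unchecked."""
    entries: Dict[str, str] = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2 or len(parts[0]) != 64 or not set(parts[0].lower()) <= HEX_DIGITS:
            raise ValueError(f"malformed manifest line {lineno}: {raw!r}")
        digest, name = parts[0].lower(), parts[1]
        if name.startswith("*"):  # sha256sum's binary-mode marker
            name = name[1:]
        entries[name] = digest
    return entries


def verify_files(manifest: Dict[str, str], files: Dict[str, bytes]) -> Dict[str, str]:
    """Return {filename: status}; status is 'ok', 'mismatch', 'missing' (listed but
    absent) or 'unlisted' (present but not covered by the signed manifest)."""
    results: Dict[str, str] = {}
    for name, expected in manifest.items():
        if name not in files:
            results[name] = "missing"
        elif sha256_hex(files[name]) != expected:
            results[name] = "mismatch"
        else:
            results[name] = "ok"
    for name in files:
        if name not in manifest:
            results[name] = "unlisted"
    return results


def gpg_verify_detached(sig_path: str, manifest_path: str) -> Optional[bool]:
    """Run the real `gpg --batch --verify <sig> <manifest>`.

    Returns True/False for gpg's verdict, or None when gpg is not installed, so
    'unverified' is never confused with 'verified'. Deciding which key is
    allowed to sign this project is still the caller's job: gpg only says the
    signature is valid for some key in the local keyring.
    """
    if shutil.which("gpg") is None:
        return None
    proc = subprocess.run(["gpg", "--batch", "--verify", sig_path, manifest_path],
                          capture_output=True)
    return proc.returncode == 0


def verify_release(manifest_text: str, files: Dict[str, bytes],
                   sig_path: Optional[str] = None,
                   manifest_path: Optional[str] = None) -> dict:
    """Signature first (when paths are given), then every listed hash.
    A bad signature stops the check before any hash is trusted."""
    sig_ok: Optional[bool] = None
    if sig_path and manifest_path:
        sig_ok = gpg_verify_detached(sig_path, manifest_path)
        if sig_ok is False:
            return {"signature": False, "files": {}}
    return {"signature": sig_ok,
            "files": verify_files(parse_manifest(manifest_text), files)}


if __name__ == "__main__":
    manifest = build_manifest(RELEASE_FILES)
    print(manifest)
    print(verify_release(manifest, RELEASE_FILES))
    tampered = dict(RELEASE_FILES)
    tampered["example_pkg-1.0.tar.gz"] = b"modified bytes\n"
    print(verify_release(manifest, tampered))
```

The `signature: None` result is the important design point: a tool that treats a missing `gpg` binary, or a missing `.asc` file, as a pass reproduces exactly the "nobody actually verifies" problem the thread describes. Key trust is deliberately left out of the block, since binding a key to a project is the part GPG never solved for package indexes.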

Here's the basic current state of things regarding PyPI and GPG signing of packages, at least as of a few months ago: https://github.com/travis-ci/dpl/issues/727#issuecomment-359203157

brainwane avatar Mar 13 '18 01:03 brainwane

Another summary of the current status of things is in https://lwn.net/SubscriberLink/751458/81b2759e7025d6b9/.

brainwane avatar Apr 12 '18 21:04 brainwane

Package signing on PyPI will be part of Warehouse security work funded by a gift from Facebook that the Warehouse team will start working on later in 2019. The work includes "Cryptographic signing and verification of artifacts (PEP 458/TUF or similar)" and additional features (milestone).

https://github.com/pypa/warehouse/issues/5247 has more detail on the current discussion around TUF.

brainwane avatar Jun 23 '19 16:06 brainwane

PEP 740 does the signing part of this. I suppose we should leave this open for the verifying side, however.

woodruffw avatar Feb 11 '25 20:02 woodruffw