top | item 13742156

(no title)

Neat :)!

In case the Mender folks are here, have you looked into incorporating the concerns addressed bt The Update Framework (TUF) https://theupdateframework.github.io/

discuss

eystein|9 years ago

Thanks! :)

Yes, we have looked into it and the nice thing is that TUF seems to be quite easy to add as an additional security layer down the road.

One interesting challenge is downgrade attacks. How do you allow rollback of a bad deployment while disallowing an attacker to deploy an old and vulnerable version?

theamk|9 years ago

Why? TUF is all about reimplementing SSL and PKI. Since mender can use regular SSL with good-old PKIs, there is no reason to go with weird solutions.

aseipp|9 years ago

TUF protects against more attacks than just HTTPS or regular trivial signing methods do (rollback attacks, freezes, mix and match attacks, and helps secure mirrors), and has little to do with HTTPS or raw "transport layer encryption". It absolutely compliments and suppliments HTTPS if you're using it for your downloads, it is not obsoleted by it. (Though, the subtext on the introduction page probably doesn't help this impression by saying "Like the S in HTTPS...")