How to sign the name of the file as well, not just the file?
patrick-mailinglists at whonix.org
Mon Jan 12 19:44:06 CET 2015
When using "gpg --armor --detach-sign some-file-version-c" a file:
some-file-version-c.asc will be created.
But an adversary positioned to arbitrarily change file names on a mirror
or so could rename it to some-file-version-d and some-file-version-d.asc.
That could trick the verifier into believing it has received a more
recent version than expected. The adversary could use this to mount
rollback (downgrade) or indefinite freeze attacks.
Is there a way to make gnupg sign the name of the file as well? So
verification would fail if file names were renamed?
I know, one could create a sha512sum (or so) file that contains the hash
and the name of the file, then gpg sign that file. But I find that
method more complex, complicated, cumbersome. Is there any easier and/or
gpg built in way?
Defined as per TUF (The Update Framework) - Attacks and Weaknesses - Threat Model:
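The following is an added example, not code from the original post or from GnuPG, showing the sha512sum-based workaround the post mentions: a manifest of "hash  name" lines is what gets detach-signed, so renaming the payload on a mirror makes the manifest check fail even though the gpg signature over the manifest itself still verifies. The file names, the manifest name SHA512SUMS and the throwaway key identity are made up for the demo; it assumes GNU or busybox sha512sum, and the gpg steps run only if gpg is installed (with an isolated GNUPGHOME, so no real keyring is touched).

```shell
#!/bin/sh
# Added example (not from the original post or GnuPG): bind the file NAME
# to its content hash through a signed manifest, so that a renamed file on
# a mirror is detected. File names, manifest name and key identity are
# made up for this demo.
set -eu

# Write "<sha512>  <name>" lines for the given files into the manifest.
# The name is part of the signed data, so a renamed file matches no entry.
make_manifest() {
    manifest=$1; shift
    sha512sum "$@" > "$manifest"
}

# Check every entry of the manifest against the files in the current
# directory. Non-zero if a listed name is missing or its hash differs.
check_manifest() {
    sha512sum -c "$1" >/dev/null 2>&1
}

# Same invocation as in the post, applied to the manifest instead of the
# payload, followed by verification of the detached signature.
sign_and_verify_manifest() {
    gpg --batch --yes --pinentry-mode loopback --passphrase '' \
        --armor --detach-sign "$1" \
        && gpg --batch --verify "$1.asc" "$1" 2>/dev/null
}

# Walk through the rename attack from the post in a scratch directory.
# Returns 0 only if the manifest check fails after the rename.
demo() (
    work=$(mktemp -d)
    cd "$work"
    printf 'release payload, version c\n' > some-file-version-c
    make_manifest SHA512SUMS some-file-version-c
    if check_manifest SHA512SUMS; then
        echo "pristine: manifest check OK"
    else
        echo "pristine: manifest check failed (unexpected)"; exit 1
    fi

    # Adversary on the mirror renames the payload so it looks newer.
    mv some-file-version-c some-file-version-d
    if check_manifest SHA512SUMS; then
        echo "renamed: manifest check still passes (unexpected)"; exit 1
    fi
    echo "renamed: manifest check FAILS, as intended"

    # Optional: detach-sign the manifest with a throwaway key in an
    # isolated keyring. Skipped gracefully where gpg is absent.
    if command -v gpg >/dev/null 2>&1; then
        export GNUPGHOME="$work/gnupghome"
        mkdir -m 700 "$GNUPGHOME"
        if gpg --batch --pinentry-mode loopback --passphrase '' \
               --quick-generate-key 'Demo Signer <demo@example.invalid>' \
               default default never >/dev/null 2>&1; then
            if sign_and_verify_manifest SHA512SUMS >/dev/null 2>&1; then
                echo "gpg: detached signature over SHA512SUMS verifies"
            else
                echo "gpg: signing or verification failed in this environment"
            fi
            gpgconf --kill all >/dev/null 2>&1 || true
        else
            echo "gpg: key generation unavailable here, signing step skipped"
        fi
    fi
    cd / && rm -rf "$work"
)
```

Verification on the receiving side is then two steps in order: `gpg --verify SHA512SUMS.asc SHA512SUMS` to authenticate the manifest, then `sha512sum -c SHA512SUMS` to tie each named file to its hash; a renamed payload fails the second step because the manifest names the file it was produced from.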