Comments (4)
Thanks, @jonathancross for the useful enhancement suggestion. We are going to implement it.
from desktop-app.
Hi @jonathancross
we have implemented the possibility to verify binaries. It works for versions starting from v3.0.0.
The following steps should be performed to verify the signature (we did not update this info on the website yet):
- Download the 'installer' and its signature.
The signature file has the same name as the binary, with .sign.sha256.base64 at the end.
macOS (example):
https://repo.ivpn.net/macos/bin/IVPN-3.3.20.dmg
and https://repo.ivpn.net/macos/bin/IVPN-3.3.20.dmg.sign.sha256.base64
Windows (example):
https://repo.ivpn.net/windows/bin/IVPN-Client-v3.3.20.exe
and https://repo.ivpn.net/windows/bin/IVPN-Client-v3.3.20.exe.sign.sha256.base64
- Download the OpenSSL public key for verification
macOS: https://repo.ivpn.net/macos/keys/public.pem
Windows: https://repo.ivpn.net/windows/keys/public.pem
- Verification commands
macOS (example):
# Decode base64:
$ openssl base64 -d -in IVPN-3.3.20.dmg.sign.sha256.base64 -out IVPN-3.3.20.dmg.sign.sha256
# Check signature:
$ openssl dgst -sha256 -verify public.pem -signature IVPN-3.3.20.dmg.sign.sha256 IVPN-3.3.20.dmg
Windows (example):
# Decode base64:
$ openssl base64 -d -in IVPN-Client-v3.3.20.exe.sign.sha256.base64 -out IVPN-Client-v3.3.20.exe.sign.sha256
# Check signature:
$ openssl dgst -sha256 -verify public.pem -signature IVPN-Client-v3.3.20.exe.sign.sha256 IVPN-Client-v3.3.20.exe
from desktop-app.
Hi @stenya I appreciate you making some effort here, but this is not the same as a GPG signature.
With GPG/PGP we have a "web of trust" -- a way to establish trust (out of band) that the key used to sign is authentic.
For example, your "IVPN Administrator <[email protected]>" key (0xC485B578) has signatures from several others making it easier to verify the correct key if any of those people are known or they are in the wider Web Of Trust.
With your suggested replacement, we are left to trust whatever certificate is returned at the above URL.
from desktop-app.
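The two OpenSSL steps from the earlier comment, combined with a guard against the concern raised in the reply above: the public key is used only if its SHA-256 matches a fingerprint obtained out of band. This is an added example, not IVPN's code and not part of the thread, and it uses fingerprint pinning, not a web of trust. `verify_release`, `make_sample`, `demo`, the exit codes and the sample files are constructed for illustration.

```shell
#!/bin/sh
# verify_release FILE SIG_B64 PUBKEY_PEM PINNED_SHA256 (lowercase hex)
# Returns 0 = key matches pin and signature is valid, 1 = bad signature,
#         2 = read/decode error, 3 = public key does not match the pin.
verify_release() {
    file=$1 sig_b64=$2 pubkey=$3 pinned=$4
    # Hash the downloaded PEM and compare it with the out-of-band value
    # before trusting the key for anything.
    actual=$(openssl dgst -sha256 -r "$pubkey" 2>/dev/null | cut -d' ' -f1)
    [ -n "$actual" ] || return 2
    [ "$actual" = "$pinned" ] || return 3
    # Same two steps as in the comment: base64-decode, then verify.
    sig_raw=$(mktemp) || return 2
    if ! openssl base64 -d -in "$sig_b64" -out "$sig_raw" 2>/dev/null; then
        rm -f "$sig_raw"; return 2
    fi
    if openssl dgst -sha256 -verify "$pubkey" -signature "$sig_raw" "$file" \
        >/dev/null 2>&1; then rc=0; else rc=1; fi
    rm -f "$sig_raw"
    return "$rc"
}

# make_sample DIR: constructed inputs (throwaway RSA key, dummy "installer"),
# signed and base64-encoded with the same file-name suffix as above.
make_sample() {
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$1/private.pem" 2>/dev/null &&
    openssl pkey -in "$1/private.pem" -pubout -out "$1/public.pem" &&
    printf 'constructed installer bytes\n' > "$1/app.bin" &&
    openssl dgst -sha256 -sign "$1/private.pem" -out "$1/app.bin.sig" "$1/app.bin" &&
    openssl base64 -in "$1/app.bin.sig" -out "$1/app.bin.sign.sha256.base64"
}

# demo: run the check on the constructed sample in three situations.
demo() {
    d=$(mktemp -d) || return 2
    make_sample "$d" || { rm -rf "$d"; return 2; }
    # In real use the pin comes from a channel other than the download server.
    pin=$(openssl dgst -sha256 -r "$d/public.pem" | cut -d' ' -f1)
    set -- "$d/app.bin" "$d/app.bin.sign.sha256.base64" "$d/public.pem"
    verify_release "$@" "$pin" && a=0 || a=$?
    verify_release "$@" "0000" && b=0 || b=$?      # key does not match pin
    echo tampered >> "$d/app.bin"                  # file changed after signing
    verify_release "$@" "$pin" && c=0 || c=$?
    rm -rf "$d"
    echo "good=$a wrong_pin=$b modified_file=$c"
}
demo
```

The pin is only as good as the channel it came from; a fingerprint fetched from the same server as public.pem adds nothing.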
Another request for key verification.
Example: https://docs.wasabiwallet.io/using-wasabi/InstallPackage.html#debian-and-ubuntu
from desktop-app.