Any added value to signatures in metadata? #115
hesreallyhim
started this conversation in
Ideas
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Pre-submission Checklist
Your Idea
Preamble: I'm not a security expert, but I use GPG Suite, e.g., or at least take the time to verify checksums of certain packages I download, since most organizations don't seem to publish PGP keys anyway.
I have been reading the registry proposal, and it occurs to me that an added layer of security could be to include a signature along with the server metadata, so that when a client installs an MCP that is registered by this project (or, from a registry that is registered by this project), at least they can use the signature to confirm that what they downloaded comes from the described source, and that it hasn't been tampered with.
Because this is not my area of expertise, I am happy to be informed that this would not add any additional security to the current proposal, which as far as I can tell relies on GitHub authentication methods and DNS-verification. So maybe the mechanisms described in the proposal are already adequate in this regard. Nevertheless, if I download a package from a website, it's often accompanied at least by a checksum that I can use to validate non-tampering. I don't fully grok all the threat surfaces that are covered or not covered by the current proposal, and I sort of gather that PGP is not widely adopted except in certain areas, so this proposal not wedded to OpenPGP, or GPG, it just happens to be the tool that I am most familiar with. But, for instance, MCP (this project) could publish its public key, and approved servers (or, indirectly, server registries), could be provided with a signature (signed by this project with its private key) that validates that the downloaded server metadata (
server.jsonormcp.jsonI think) is legitimate and not tampered with. This could be offered as an optional part of the metadata.So this might be a dumb idea - but someone told me once there are no dumb ideas, and I'm really dumb so I believed it. 😆
Scope
Beta Was this translation helpful? Give feedback.
All reactions