I should know better and check the sigs using PGP and checksums, but on Windows this is such a drag that I just end up whispering hallelujah praise the Lord, and hoping for the best.

I know it's my fault, but I'd still like SSL :(

Kind of pointless. If the download has been compromised so have the checksums

https://en.wikipedia.org/wiki/Web_of_trust

http://www.pgpi.org/doc/pgpintro/

http://www.rubin.ch/pgp/weboftrust.en.html

Essentially: with cryptography, you aren't concerned about the transport, you're concerned about the crypto.

Signatures of the source or binaries will tell you if they've been changed.

Signatures on keys will tell you who trusts those keys. If someone you trust trusts a key, then you have a transitive trust of a key. This does mean, though, trusting people not to sign bogus keys.

In TLS/SSL, you have a hierarchical trust. Your session (and its contents) are encrypted and authenticated by the host key, which is signed by the CA's key. The theory is that we can trust CAs. Practice shows otherwise.

It's not cryptographically viable to fake a signature (of a key or data), though if someone manages to lose control of their private key, that's possible. PGP/GPG doesn't handle expired keys well.

But the upshot is that HTTP transport of PuTTY is fine from an integrity standpoint, so long as you verify the binary and signatures. And if you don't mind others being able to see what you're fetching as you're fetching it (the only real benefit to HTTPS in this case).

Even an MITM rewrite of data isn't a critical issue since you can catch that in PGP validation.

I understand all those things in general, but I don't know the specific mechanism by which my local PGP install recognizes who else trusts this PGP key. I grant you that if the key is protected from MITM then all is well. I just still don't know this part:

What mechanism do I use, I who have no prior encounter with that key and no existing PGP setup or connection to any web, to validate that key?

I'm sure this is just a lack of familiarity with PGPs web of trust implementation, but lacking this info, I too just opted to trust the plain HTTP download (until I switched to Cygwin/OpenSSH to make it a moot point anyway).

In general, I fetch signatures of keys and may add some of these as partially trusted if they're very well known keys.

A bit of bash scripting that helps with this:

    gpg --list-sigs <key ID>  | grep 'not found' |
        cut -c 13-22 | sort -u |
        xargs --max-args 10 gpg --recv-keys

You cannot run parallel processes as your local gpg instance cannot do concurrent updates to the keyring.

Which, arguably, might be safer than being overly trusting of my "trusted CAs", which is verified by a flawed system.

I guess I'm still not thrilled wih my options overall, but thank you for your time explaining how to use PGP.

Get the keybase.io client, it sets up your GPG pretty nicely. I was able to confirm the downloads on Windows using the standard ``gpg --verify putty.DSA.asc`` and it just worked(tm) in a cmd.exe window. Using the keybase client does not, however, as the signing key for the putty binaries is not on keybase.

Not saying anything about how much sense it makes to verify the downloads, just saying that it does work well on Windows, without any cygwin, mingw or whatever.

While PuTTY is nice, it lacks some features, like proxycommands and stuff which are standard in ~/.ssh/config. Things which can be taken along in a simple & portable fashion.

No disrespect to PuTTY, but I just found myself not really needing it anymore.

I found it very useful for connecting to vagrant boxes.

http://www.netsarang.com/products/xsh_overview.html

I doubt that anyone is going to take $90/year closed source payware over well known FOSS like OpenSSH or PuTTY here at HN.

While I'm wary to start with, I'd probably be even warier if it weren't.

[1]: http://mobaxterm.mobatek.net/

Putty allowed for more secure remote working when on untrusted networks, but not having to constantly enter credentials is much more preferable.

Is there a secure way to download PuTTY? They are hosting on a http page. Though they provide RSA and DSA signatures how would I verify the signatures themselves? I'm kind of new to walking through trust paths. I don't even have any entry point too since nobody I know use public key encryption (I trust the Debian keys already though since I use their distro, maybe I can use that for a starting point?).

My best bet would be to download the signatures and keys from different mirrors and sources to limit the possibility of a successful targeted MITM attack.

Also https only verifies that page you see is the one intended to be hosted by the URL's owner. Even if the website had a valid cert signed by a trustworthy CA it wouldn't mean more. From that URL I couldn't tell if it's still a trustworthy site from I can download PuTTY.

I don't know the state of PGP though. I'm looking at http://keyserver.ubuntu.com/ right now and all I see are plain signatures of keys without any comment on the "type of trust" between the two parties (I'm really new to this). But it seems probable that if somebody signed the PuTTY master keys then it meant that "I trust that this key belongs to the PuTTY team who create the trustworthy PuTTY software" since I wouldn't sign faulty software even if I knew that it came from a valid source. It would be nice if people would sign certificates with comments like this.

edit: Sorry, seems like I misunderstood your comment. For my defense you misunderstood mine too. I don't say HTTPS is more secure. I just don't have any practice in verifying keys using gnupg.

edit2:

download the source and build it yourself

I usually don't audit the source code I build from a random project. A compromised source code for me is as dangerous as a compromised binary (for me at least).

Ideally, it goes something like this --

1. Start with the master keys. Download them from their website & import them into your keyring.

2. Fetch signatures for those keys from some key servers. (E.g. gpg --recv-keys 6A93B34E).

3. Examine the signatures (E.g. gpg --list-sigs 6A93B34E). Do you trust anybody in that list to have verified the ownership of the keys?

If "yes", then import the release keys and verify that _they_ have been signed by the master keys. You can use the release keys to verify the downloaded binary.

If "no", then you might recurse down those keys to see if you know anyone who signed any of _them_. At this point, you'll need to consider very carefully what your trust policy is going to be.

Well what if I don't know if I can trust them. Also I couldn't possibly verify them in person so I need to recursively walk through the signing keys to find a trusted signature. Isn't there an easy cli command for this? All I could find are online path finders.