OpenSSH Mirror "Mallory" Attack Vulnerability [Was: Re: <Advice> Possible Backdoor into openssh-3.7.1p1-i386-1.tgz from Slackware Mirror]

["Jonathan A. Zdziarski" <jonathan () nuclearelephant com>]

Looking at how the mirrors for all the openssh distros are laid out, I
don't see much point in trying to verify them using PGP unless you've
previously imported it.  Each mirror contains the public key, the file,
and the signature in the same directory, so any first-time downloader
could get a tainted distribution with an "authentic" signature.  If
somebody did manage to find a way to hack a mirror, they could easily
copy over their public key, hacked file, and signature.  At the very
least, the public key needs to be kept on a different set of [secure]
servers, possibly even with an MD5 of the public key sitting on a third
server just to make it all the more difficult to falsify
authentication.  

I haven't looked lately, is this a common practice with mirror sites and
PGP signing distributions? If so, it seems to eliminate the purpose PGP
signing was originally intended for.