On Fri, Nov 25, 2005 at 07:59:40PM +0100, Florian Weimer wrote: > * Anthony Towns: > > (I'm amazed the security "crisis" we're having is about deb sigs > > *again*, when we're still relying on md5sum which has a public exploit > > available now...) > These exploits are irrelevant as far as the Debian archive is > concerned. (And that's not because hardly any sarge user verifies the > MD5 hashes, by the way. 8-) Uh. You're seriously putting your reputation on that claim? And md5 hashes have been verified since either slink or potato depending on when you started using apt; possibly earlier if dselect methods used them like they should have. debootstrap certainly verified them for woody. And heck, they've been used in .changes since day 0. > Moving away from MD5 is certainly not a bad idea, but it's not clear > whether the alternatives are any better. Sure, everyone recommends > SHA-256 at this stage, but nobody can give a rationale. MD5 is broken; SHA-1 is where MD5 was a couple of years ago, SHA256 (or higher) are significantly harder to break in practice, and there's nothing better yet. Cheers, aj
Attachment:
signature.asc
Description: Digital signature