On Wed, Mar 10, 2010 at 11:13:31AM -0600, Peter Samuelson wrote: > > [Wouter Verhelst] > > At any rate, a PGP signature takes a lot of data; much more so than > > a checksum. It's therefore more economical to produce a signed > > package.checksums file than it is to produce a package.pgpsigs. > > Huh? Since asymmetric cryptography is so computationally expensive, > PGP never signs the payload directly. I am aware of that. > Instead, the payload is hashed > and then the hash is signed. So it is not (noticeably) more economical > to sign foo.md5sums than to sign the whole data.tar.gz. I was not suggesting to sign the data.tar.gz, because that is not useful anymore once the package is installed (you do not have the data.tar.gz anymore to verify). Instead, I was suggesting to sign individual files, which would require several signatures per package (one per file). Just check the length of any PGP signature, and compare it against the lenght of a random checksum. You'll agree that a signed file with checksums takes less data than a file with several signatures. [...] > Or is this not what you meant? I'm confused. Hope that explains, [...] > If you have a .deb on a different host and don't want to transfer the > entire thing over the network, well, no reason you can't do your > SHA16384 on both ends, and transfer only the hashes at that time. True. -- The biometric identification system at the gates of the CIA headquarters works because there's a guard with a large gun making sure no one is trying to fool the system. http://www.schneier.com/blog/archives/2009/01/biometrics.html
Attachment:
signature.asc
Description: Digital signature