
Bug#712640: net-retriever checks only md5sums



Philipp Kern <pkern@google.com> (2014-01-29):
> On Mon, Jan 27, 2014 at 12:54 AM, Cyril Brulebois <kibi@debian.org> wrote:
> 
> > As far as I can see, we have MD5Sum, SHA1, and SHA256 for all of
> > oldstable, stable, and testing. I've therefore modified the code to
> > support an unconditional loop over those 3 values, which you can review
> > in the git repository (multi-checksums branch).
> >
> 
> the patches look good to me. I have one question though (repeating here
> from IRC):

Thanks for the review.

> Do we really want to make the set of current checksums mandatory? This will
> make it harder to drop some and replace them by stronger ones. Disclaimer:
> I don't know what apt does.
> 
> Clearly we need to avoid the downgrade attack of someone dropping all the
> hashes except MD5 (even though we will of course still GPG-verify the
> hashset) and then replacing content. So maybe two of three? Those that are
> there and a strong one? I don't know, I just want to encourage some thought
> on this. ;-)

Checking all known (to net-retriever) checksums that are present and making
sure at least one of them is not MD5 (as suggested by Julien) would probably
do the trick.

I'm tempted to keep the logic implemented in those patches for now, and to
track the proposed, slightly relaxed strategy in a separate bug report.


On a related note, from a quick look at libdebian-installer, it is lagging
behind as well:
 - md5sum + sha1 in src/release.c
 - md5sum only in src/package*.c

Mraw,
KiBi.
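
The relaxed policy proposed in this message (check every checksum known to net-retriever that is present, and require that at least one of them is not MD5), sketched in POSIX shell as an added example; it is not net-retriever's code. The function name `verify_relaxed` and the simplified `Field: hexdigest` stanza layout are assumptions, and the stanza is taken to come from an index that has already been GPG-verified.

```shell
#!/bin/sh
# Added illustration, not net-retriever code. verify_relaxed is a
# hypothetical name; the "Field: hexdigest" layout is a simplification.
#
# Usage: verify_relaxed FILE STANZA
# Returns 0 only if every known checksum present in STANZA matches FILE
# and at least one of them is stronger than MD5.
# Returns 1 on any mismatch, 2 if nothing stronger than MD5 was offered.
verify_relaxed() {
    file=$1 stanza=$2 strong=0
    for pair in MD5Sum:md5sum SHA1:sha1sum SHA256:sha256sum; do
        field=${pair%%:*} tool=${pair#*:}
        want=$(printf '%s\n' "$stanza" | sed -n "s/^$field: *//p" | head -n 1)
        [ -n "$want" ] || continue      # field absent: skip it, do not fail
        got=$("$tool" "$file" | cut -d' ' -f1)
        if [ "$got" != "$want" ]; then
            echo "$field mismatch for $file" >&2
            return 1                    # a present checksum must always match
        fi
        [ "$field" = MD5Sum ] || strong=1
    done
    if [ "$strong" -ne 1 ]; then
        # Covers both "MD5 only" (the downgrade case) and "no checksum at all".
        echo "no checksum stronger than MD5 for $file" >&2
        return 2
    fi
    return 0
}

# Constructed sample: a temporary file and stanzas built from its real digests.
tmp=$(mktemp)
printf 'constructed udeb payload\n' > "$tmp"
md5=$(md5sum "$tmp" | cut -d' ' -f1)
sha=$(sha256sum "$tmp" | cut -d' ' -f1)
verify_relaxed "$tmp" "MD5Sum: $md5
SHA256: $sha" && echo "accepted: MD5Sum + SHA256"
verify_relaxed "$tmp" "MD5Sum: $md5" 2>/dev/null || echo "rejected: MD5 only (rc=$?)"
rm -f "$tmp"
```

Dropping SHA1 from the index later would not break this check, while an index stripped down to MD5 alone is refused even when the MD5 digest matches.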
