Re: Bug#540215: Introduce dh_checksums

To: Frank Lin PIAT <fpiat@klabs.be>
Cc: 540215@bugs.debian.org, Debian Devel <debian-devel@lists.debian.org>
Subject: Re: Bug#540215: Introduce dh_checksums
From: Russ Allbery <rra@debian.org>
Date: Mon, 08 Mar 2010 12:59:00 -0800
Message-id: <[🔎] 87wrxmbkdn.fsf@windlord.stanford.edu>
In-reply-to: <[🔎] 1268066168.21347.9661.camel@solid.paris.klabs.be> (Frank Lin PIAT's message of "Mon, 08 Mar 2010 17:36:08 +0100")
References: <[🔎] 20100303020620.GA17083@celtic.nixsys.be> <[🔎] 874okyuov4.fsf@windlord.stanford.edu> <[🔎] 20100303151752.835b34d3.erikd@mega-nerd.com> <[🔎] 20100303104725.GA18778@celtic.nixsys.be> <[🔎] slrnhosifd.rmi.trash@kelgar.0x539.de> <[🔎] 1267650344.8266.262.camel@solid.paris.klabs.be> <[🔎] 87bpf3vrai.fsf@qurzaw.linpro.no> <[🔎] 1268066168.21347.9661.camel@solid.paris.klabs.be>

Frank Lin PIAT <fpiat@klabs.be> writes:

> Find a patch attached, for a smooth transition from DEBIAN/md5sums to a
> recent checksum.

> The way it is implemented, is that the dh_md5sums is a symlink to the
> new dh_checksums. The new helper computes both md5sum (for
> compatibility/transition) and a new checksum (SHA256, which was already
> chosen by FTP-masters as a remplacement for md5sum for signed files)

If there's a general consensus that we should go this route, I'm okay with
it, but I'm personally not sure this is the right approach.

I think there are two possible directions we can take with this package
feature:

1. Strengthen the integrity check so that it could potentially be useful
   for security purposes as well as for simple integrity checking.

2. Declare such checksums only useful for corruption and local (benign)
   modification checksumming.

If we take option 1, going to a stronger hash is strictly less useful in
every respect than going to embedded PGP signatures, which apparently only
require active maintenance and a plan to be acceptable in the archive and
which would need a different format anyway.

If we take option 2, SHA256 offers no benefits over MD5 and just takes
longer to compute.  There is essentially zero chance that random file
corruption or typical local modification will result in a successful MD5
preimage attack.

I therefore have to question what utility there is in switching to SHA256.
It doesn't seem to achieve either possible goal, unless I'm missing some
way in which it's a step towards option 1?

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to:

Follow-Ups:
- Re: Bug#540215: Introduce dh_checksums
  - From: Frank Lin PIAT <fpiat@klabs.be>
- Re: Bug#540215: Introduce dh_checksums
  - From: Wouter Verhelst <wouter@debian.org>

References:
- md5sums files
  - From: Wouter Verhelst <wouter@debian.org>
- Re: md5sums files
  - From: Russ Allbery <rra@debian.org>
- Re: md5sums files
  - From: Erik de Castro Lopo <erikd@mega-nerd.com>
- Re: md5sums files
  - From: Wouter Verhelst <wouter@debian.org>
- Re: md5sums files
  - From: Philipp Kern <trash@philkern.de>
- Re: md5sums files
  - From: Frank Lin PIAT <fpiat@klabs.be>
- Re: md5sums files
  - From: Tollef Fog Heen <tfheen@err.no>
- Bug#540215: Introduce dh_checksums
  - From: Frank Lin PIAT <fpiat@klabs.be>

Prev by Date: Re: Has Debian abandoned Python?
Next by Date: Re: Bug#540215: Introduce dh_checksums
Previous by thread: Re: Bug#540215: Introduce dh_checksums
Next by thread: Re: Bug#540215: Introduce dh_checksums
Index(es):
- Date
- Thread