Re: Bug#540215: Introduce dh_checksums

To: debian-devel@lists.debian.org
Subject: Re: Bug#540215: Introduce dh_checksums
From: Peter Samuelson <peter@p12n.org>
Date: Wed, 10 Mar 2010 11:13:31 -0600
Message-id: <[🔎] 20100310171331.GT18278@p12n.org>
In-reply-to: <[🔎] 20100310143214.GE10578@celtic.nixsys.be>
References: <[🔎] 20100303020620.GA17083@celtic.nixsys.be> <[🔎] 874okyuov4.fsf@windlord.stanford.edu> <[🔎] 20100303151752.835b34d3.erikd@mega-nerd.com> <[🔎] 20100303104725.GA18778@celtic.nixsys.be> <[🔎] slrnhosifd.rmi.trash@kelgar.0x539.de> <[🔎] 1267650344.8266.262.camel@solid.paris.klabs.be> <[🔎] 87bpf3vrai.fsf@qurzaw.linpro.no> <[🔎] 1268066168.21347.9661.camel@solid.paris.klabs.be> <[🔎] 87wrxmbkdn.fsf@windlord.stanford.edu> <[🔎] 20100310143214.GE10578@celtic.nixsys.be>

[Wouter Verhelst]
> At any rate, a PGP signature takes a lot of data; much more so than
> a checksum.  It's therefore more economical to produce a signed
> package.checksums file than it is to produce a package.pgpsigs.

Huh?  Since asymmetric cryptography is so computationally expensive,
PGP never signs the payload directly.  Instead, the payload is hashed
and then the hash is signed.  So it is not (noticeably) more economical
to sign foo.md5sums than to sign the whole data.tar.gz.

[Same goes for encrypting: PGP encrypts with a conventional block
cipher like AES and a randomly generated key, then encrypts the _key_
using RSA.  Again, this is for efficiency.]

Or is this not what you meant?  I'm confused.


> And since checksum files are generated at build time rather than at
> install time, it is possible to download a known-good copy of the
> .deb that is installed (using snapshot.debian.org, once it gets live,
> for instance, or from a not-compromised host's apt cache), and verify
> the files against that copy rather than the copy that is on the disk.

If you're going to the trouble to download a .deb, why bother with
signatures at all?  Why not just compare the full text directly?

If you have a .deb on a different host and don't want to transfer the
entire thing over the network, well, no reason you can't do your
SHA16384 on both ends, and transfer only the hashes at that time.
-- 
Peter Samuelson | org-tld!p12n!peter | http://p12n.org/

Reply to:

Follow-Ups:
- Re: Bug#540215: Introduce dh_checksums
  - From: Russ Allbery <rra@debian.org>
- Re: Bug#540215: Introduce dh_checksums
  - From: Wouter Verhelst <wouter@debian.org>

References:
- md5sums files
  - From: Wouter Verhelst <wouter@debian.org>
- Re: md5sums files
  - From: Russ Allbery <rra@debian.org>
- Re: md5sums files
  - From: Erik de Castro Lopo <erikd@mega-nerd.com>
- Re: md5sums files
  - From: Wouter Verhelst <wouter@debian.org>
- Re: md5sums files
  - From: Philipp Kern <trash@philkern.de>
- Re: md5sums files
  - From: Frank Lin PIAT <fpiat@klabs.be>
- Re: md5sums files
  - From: Tollef Fog Heen <tfheen@err.no>
- Bug#540215: Introduce dh_checksums
  - From: Frank Lin PIAT <fpiat@klabs.be>
- Re: Bug#540215: Introduce dh_checksums
  - From: Russ Allbery <rra@debian.org>
- Re: Bug#540215: Introduce dh_checksums
  - From: Wouter Verhelst <wouter@debian.org>

Prev by Date: Re: Removing the manpage requirement for GUI programs?
Next by Date: Re: source package descriptions: subtsvars are not enough
Previous by thread: Re: Bug#540215: Introduce dh_checksums
Next by thread: Re: Bug#540215: Introduce dh_checksums
Index(es):
- Date
- Thread