
Re: Debian should move away from MD5 (and at best also from SHA1) (in secure APT and friends)



On Thu, Oct 11, 2012 at 01:19:58AM +0200, Christoph Anton Mitterer wrote:
> Hi folks.
> 
> AFAICS, secure APT and similar things (e.g. dpkg's file hash sums) still
> use even MD5.

dpkg-genchanges and dak both generate md5, sha1 and sha256.  So
.deb files themselves are hashed by all 3 of them.  As far as I
know all tools that verify those files also check all 3 of those
hashes.

As far as I understand, there is no need to move away from sha256
to SHA-3 when it becomes available at this time.

So basically the question is if we want to keep the md5 and sha1 in
those files or not.

MD5 is covered by policy, and it's the only one mentioned in policy,
maybe that should change.

There are also the md5sums files that are stored in the .deb file.
I'm not really sure what the real use case for them is and
wouldn't have a problem with them going away.

Then the dpkg status file keeps track of config files with md5
to see if they changed on upgrade.  I can see no good reason to
change this.

> Wouldn't it make sense to start discussions about moving to the
> "strongest" possible?

I see no reason why we can't also add SHA-3 to the files when the
tools become available.

> Or, like in the case of package files (dsc and friends) make a policy of
> verifying all hashes, and fail if any single doesn't match?

As far that's already the case?



Kurt
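
The "verify all hashes, and fail if any single one doesn't match" policy discussed in this message, as an added example that is not part of the original mail or of any Debian tool. It reads the Files / Checksums-Sha1 / Checksums-Sha256 fields of a .dsc/.changes-style stanza; the function names, the sample file name and the rule that all three hashes must be listed are assumptions made for illustration.

```python
import hashlib

# Control-file field -> hashlib algorithm name, as used in .dsc/.changes files.
FIELDS = {"Files": "md5", "Checksums-Sha1": "sha1", "Checksums-Sha256": "sha256"}

def parse_checksums(control_text):
    """Return {filename: {algo: (hexdigest, size)}} from the checksum fields."""
    entries, algo = {}, None
    for line in control_text.splitlines():
        if line[:1] in (" ", "\t"):            # continuation line of current field
            if algo and line.strip():
                digest, size, name = line.split()
                entries.setdefault(name, {})[algo] = (digest.lower(), int(size))
        else:                                   # new field; None if not a checksum field
            algo = FIELDS.get(line.split(":", 1)[0])
    return entries

def verify(name, data, entries):
    """Return a list of failures; an empty list means every hash matched."""
    listed = entries.get(name, {})
    # Assumption for this example: a file must be listed under all three fields.
    failures = [f"{a}: not listed" for a in FIELDS.values() if a not in listed]
    for algo, (digest, size) in listed.items():
        if size != len(data):
            failures.append(f"{algo}: size mismatch")
        elif hashlib.new(algo, data).hexdigest() != digest:
            failures.append(f"{algo}: digest mismatch")
    return failures

def make_stanza(name, data):
    """Build a constructed checksum stanza for the sample data below."""
    lines = []
    for field, algo in FIELDS.items():
        lines += [f"{field}:", f" {hashlib.new(algo, data).hexdigest()} {len(data)} {name}"]
    return "\n".join(lines)

# Constructed sample input, not taken from a real package.
NAME = "hello_1.0.orig.tar.gz"
GOOD = b"constructed sample package contents\n"
STANZA = make_stanza(NAME, GOOD)

if __name__ == "__main__":
    entries = parse_checksums(STANZA)
    print("intact file  :", verify(NAME, GOOD, entries) or "all hashes match")
    print("modified file:", verify(NAME, GOOD.replace(b"sample", b"SAMPLE"), entries))
    weak_only = parse_checksums(STANZA.split("Checksums-Sha256:")[0])
    print("no sha256    :", verify(NAME, GOOD, weak_only))
```
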

