
Re: Let's shrink Packages.xz

Dimitri John Ledkov <xnox@debian.org> writes:

> Huh, I'm not quite sure that multiple hashes actually gain us anything
> at all in terms of compromisation, since ultimately all our archive
> metadata is protected by a single hash only.

> Whilst replacing individual files & simultaneously matching multiple
> hash algorithms, is an interesting problem. It's much more interesting
> to match SHA256 of Release file such that Release.gpg validates, then
> you can replace /all/ files with valid checksums across the board. Or
> otherwise generate/break the archive signing key.

Ah, yes, excellent point.

So yes, other than backward compatibility, I see no reason to keep any
hash other than the hash we're also using for the GnuPG signature.

Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>
