Re: Let's shrink Packages.xz
Dimitri John Ledkov <email@example.com> writes:
> Huh, I'm not quite sure that multiple hashes actually gain us anything
> at all in terms of compromisation, since ultimately all our archive
> metadata is protected by a single hash only.
> Whilst replacing individual files & simultaneously matching multiple
> hash algorithms, is an interesting problem. It's much more interesting
> to match SHA256 of Release file such that Release.gpg validates, then
> you can replace /all/ files with valid checksums across the board. Or
> otherwise generate/break the archive signing key.
Ah, yes, excellent point.
So yes, other than backward compatibility, I see no reason to keep any
hash other than the hash we're also using for the GnuPG signature.
Russ Allbery (firstname.lastname@example.org) <http://www.eyrie.org/~eagle/>