
Re: git & Debian packaging sprint report



Ansgar Burchardt <ansgar@debian.org> writes:
> Russ Allbery writes:

>> If so, I think that security model is roughly equivalent to the
>> automatic signing of binary packages by buildds, so probably doesn't
>> introduce a new vulnerability,

> It doesn't rely on strong cryptographic hashes to guarantee integrity.
> To quote Wikipedia:

> +---
> | Revision control systems such as Git, Mercurial, and Monotone use
> | SHA-1 not for security but to identify revisions and to ensure that
> | the data has not changed due to accidental corruption.
> +---[ https://en.wikipedia.org/wiki/SHA-1#Data_integrity ]

> But developers could instead just sign artifacts using a strong
> cryptographic hash that will be included in the source package; for
> example the .orig.tar and .debian.tar which can be made reproducible
> (git-archive is supposed to be reproducible; compression might not be, so
> just sign the uncompressed version).

> We shouldn't go back to trusting SHA-1.

I'm dubious that we really care that much about a preimage attack on
SHA-1, but sure, if there's some easy way to use something different, that
would be more future-proof.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>
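An added illustration of the point made in the quoted message above (this is not code from the thread or from any Debian tool): the same uncompressed tar, hashed with SHA-256, verifies regardless of how it was later compressed, whereas the compressed bytes differ between two builds. The sample source tree is constructed, the tar builder stands in for `git archive --format=tar`, and the actual signature step is omitted; the SHA-256 digest computed here is the value a signature would cover. The hypothetical function `verify_uncompressed` is the check a consumer would run after stripping the compression layer.

```python
import gzip
import hashlib
import io
import tarfile

# Constructed sample source tree standing in for a git-archive export.
SAMPLE_TREE = {
    "pkg-1.0/debian/control": b"Source: pkg\nMaintainer: Example <ex@example.org>\n",
    "pkg-1.0/src/main.c": b"int main(void) { return 0; }\n",
}


def build_tar(tree):
    """Build a deterministic uncompressed tar (fixed mtime, owner and mode,
    sorted member order). Stand-in for `git archive --format=tar`."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w", format=tarfile.USTAR_FORMAT) as tar:
        for name in sorted(tree):
            data = tree[name]
            info = tarfile.TarInfo(name)
            info.size = len(data)
            info.mtime = 0
            info.uid = info.gid = 0
            info.uname = info.gname = "root"
            info.mode = 0o644
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def sha256_hex(data):
    """Strong hash over the bytes that would be signed."""
    return hashlib.sha256(data).hexdigest()


def compress(tar_bytes, mtime):
    """gzip the tar with a given header timestamp. Two builds made at
    different times produce different compressed bytes for an identical tar,
    which is why a signature over the .gz would not be reproducible."""
    return gzip.compress(tar_bytes, compresslevel=9, mtime=mtime)


def verify_uncompressed(compressed, signed_digest):
    """Consumer-side check (hypothetical helper): strip the compression layer,
    hash the tar, and compare to the digest the developer signed."""
    return sha256_hex(gzip.decompress(compressed)) == signed_digest


def demo():
    tar_bytes = build_tar(SAMPLE_TREE)
    signed_digest = sha256_hex(tar_bytes)  # what the developer would sign
    first = compress(tar_bytes, mtime=1_600_000_000)   # constructed build times
    second = compress(tar_bytes, mtime=1_700_000_000)
    return {
        "tar_stable": build_tar(SAMPLE_TREE) == tar_bytes,
        "compressed_identical": first == second,
        "compressed_digests_match": sha256_hex(first) == sha256_hex(second),
        "both_verify": (verify_uncompressed(first, signed_digest)
                        and verify_uncompressed(second, signed_digest)),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The digest that gets signed is the one over `tar_bytes`; whoever checks the signature decompresses first and hashes what comes out, so differences in gzip headers or compressor versions no longer matter.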

