
Re: packages without .md5sums file?



On Fri, Jul 27, 2001 at 09:09:55PM +0200, Wichert Akkerman wrote:
> Previously Marcus Brinkmann wrote:
> > Can you elaborate on the advantage of letting everyone generate their own
> > checksums for the installed files?  Seems to me a waste of cpu cycles.
> 
> We process all the data in a pipe anyway so calculating the checksum
> takes no effort. Benefits are we don't need to store them on lots of mirrors
> (space saving), it's more configurable (specify which checksums you want),
> it's more flexible (easily add new checksums without changing the archive).

I think that the checksums should be in the package, and burned on CDs along
with the package, so you can verify them more easily.  Creating them by
an untrusted system, and storing them on writable media (even temporarily)
is a process which is difficult to harden.

In contrast, if the md5sums are stored in the package on CD, verification
is easy:  You just need to boot from the (trusted) CD, and kick off the
comparison with the CD content.  It is easier to trust a list of checksums
mirrored worldwide and verified by many users than to trust a list
which is generated by the system you want to verify.

The whole checksums should only take up a couple of megabytes, and
any per-file checksum which is cryptographically secure should do.
I don't see the need for a lot of flexibility here.

Thanks,
Marcus
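
The check described in this message, comparing installed files against a checksum list read from trusted media, sketched as an added example that is not part of the original post or of dpkg. `parse_sums`, `verify_tree` and `demo` are hypothetical names, the list is assumed to use the `md5sum` line layout, and the sample tree is constructed.

```python
import hashlib
import os
import tempfile

def parse_sums(text):
    # Lines look like "HEXDIGEST  relative/path", as written by md5sum(1).
    entries = {}
    for line in filter(str.strip, text.splitlines()):
        digest, _, path = line.partition(" ")
        # The second separator character is ' ' (text) or '*' (binary mode).
        entries[path[1:] if path[:1] in (" ", "*") else path] = digest.lower()
    return entries

def file_digest(path, algorithm):
    h = hashlib.new(algorithm)
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(65536), b""):
            h.update(block)
    return h.hexdigest()

def verify_tree(root, trusted_sums, algorithm="md5"):
    # Returns {relative_path: "ok" | "modified" | "missing" | "rejected"}.
    root = os.path.realpath(root)
    report = {}
    for rel, expected in parse_sums(trusted_sums).items():
        target = os.path.realpath(os.path.join(root, rel))
        if os.path.commonpath([root, target]) != root:
            report[rel] = "rejected"  # entry resolves outside the tree
        elif not os.path.isfile(target):
            report[rel] = "missing"
        elif file_digest(target, algorithm) != expected:
            report[rel] = "modified"
        else:
            report[rel] = "ok"
    return report

def demo():
    # Constructed sample: a small "installed" tree checked against a trusted list.
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "usr/bin"))
        for name, data in (("tool", b"original\n"), ("other", b"tampered\n")):
            with open(os.path.join(root, "usr/bin", name), "wb") as fh:
                fh.write(data)
        wanted = (("usr/bin/tool", b"original\n"), ("usr/bin/other", b"pristine\n"),
                  ("usr/bin/gone", b""), ("../outside", b""))
        trusted = "\n".join(f"{hashlib.md5(d).hexdigest()}  {p}" for p, d in wanted)
        return verify_tree(root, trusted)
```

The `algorithm` argument accepts any name `hashlib.new` knows, so the same list format works with a stronger per-file digest.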



