[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnu-arch-users] Re: MD5 is broken
From: |
Tom Lord |
Subject: |
Re: [Gnu-arch-users] Re: MD5 is broken |
Date: |
Wed, 16 Mar 2005 11:33:45 -0800 (PST) |
From: Karel Gardas <address@hidden>
I was in impression that patch signing was created mainly for making
trusted archive mirrors on untrusted hosts possible.
In some sense it was, certainly. From one perspective, the mirroring
process is just an arch transport layer even though it's implementation
recursively invokes higher levels of arch.
Regarded as an application layer, arch adds some redundant checks on
the transport and storage layers, and affords some pretty generic
hooks for signing of archive transactions. That's a good place to
stop. (CVS lacks such redundant checks and so notoriously fails on NFS
and historically was attacked in the Linux kernel project.)
Further security enhancements beyond those checks are apt to be,
at this point in history, "situation specific". Add additional checksums
or fancier signing all you like: but it would take very rigorous work
to persuade me that the arch core should take on much of that burden.
-t
- [Gnu-arch-users] MD5 is broken, Ivan Boldyrev, 2005/03/15
- Re: [Gnu-arch-users] MD5 is broken, Matthew Dempsky, 2005/03/16
- [Gnu-arch-users] Re: MD5 is broken, Ivan Boldyrev, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Andrew Suffield, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Karel Gardas, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Jan Hudec, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Tom Lord, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Karel Gardas, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken,
Tom Lord <=
- Re: [Gnu-arch-users] Re: MD5 is broken, Matthew Dempsky, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Andrew Suffield, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Karel Gardas, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Peter Conrad, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Karel Gardas, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Peter Conrad, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Karel Gardas, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Jason McCarty, 2005/03/16
- [Gnu-arch-users] Re: MD5 is broken, Matthieu Moy, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Adrian Irving-Beer, 2005/03/16