Re: [Sks-devel] Secure packaging

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] Secure packaging

From:	Thomas Sjögren
Subject:	Re: [Sks-devel] Secure packaging
Date:	Fri, 5 Dec 2003 21:47:53 +0100
User-agent:	Mutt/1.5.4i

On Fri, Dec 05, 2003 at 12:34:55PM -0700, Dan Egli wrote:
> The best method I actually ever saw, albeit a bit paranoid, was to md5 
> sum the file, then NON-detached sign the md5 file.

As other people pointed out this is more of a convinient issues, and you
shouldn't use md5 [1] but sha1 [2].

[1] http://www.rsasecurity.com/rsalabs/faq/3-6-6.html
[2] http://www.rsasecurity.com/rsalabs/faq/3-6-5.html

/Thomas
-- 
== address@hidden | address@hidden
== Encrypted e-mails preferred | GPG KeyID: 114AA85C
--

signature.asc
Description: Digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Sks-devel] Secure packaging, Yaron M. Minsky, 2003/12/05
- Re: [Sks-devel] Secure packaging, David Shaw, 2003/12/05
- Re: [Sks-devel] Secure packaging, Peter Palfrader, 2003/12/05
  - Re: [Sks-devel] Secure packaging, Dan Egli, 2003/12/05
    - Re: [Sks-devel] Secure packaging, Peter Palfrader, 2003/12/05
    - Re: [Sks-devel] Secure packaging, David Shaw, 2003/12/05
    - Re: [Sks-devel] Secure packaging, Thomas Sjögren <=

Prev by Date: Re: [Sks-devel] Secure packaging
Next by Date: [Sks-devel] FHS patch
Previous by thread: Re: [Sks-devel] Secure packaging
Next by thread: [Sks-devel] FHS patch
Index(es):
- Date
- Thread