On Mon, Jan 12, 2009 at 4:42 PM, Aaron Schaefer <aaron@elasticdog.com> wrote:
On Mon, Jan 12, 2009 at 5:29 PM, Aaron Griffin <aaronmgriffin@gmail.com> wrote:
Have you never had a corrupted download? "Alright, 356K... wait, not a tar file? what the hell?"
checksums have been used to "check" transmission of data for ages. Hell, your router even does some form of checksumming on packets it sends and receives.
I'm not saying that since md5 is broken, it's completely worthless...its usage for packet verification still makes sense because that is extremely short-lived data that has other checks in place (sequence numbers, TTL values, identification codes, etc.) that prevent attackers from being able to take advantage of md5's weaknesses. When you're storing data that isn't temporary and want to use a checksum for verification of that data, you don't have a lot of other protections in place like you do with networking protocols.
My point was that we absolutely SHOULD be using checksums, and preferably a checksum that has no known vulnerabilities at this time...that's all. Your response shows that you DO see the value in using checksums, but I'm not understanding your preference for md5 over sha256.
It's not so much a preference as it is the fact that we won't be gaining much, if anything, from this change, and the change is going to take work. Making announcements, changing the official repos over, dealing with bug reports, etc etc... it's just work that seems like it's for naught.