On Mon, Jan 12, 2009 at 3:35 PM, Aaron Griffin <aaronmgriffin@gmail.com> wrote:
> Haven't we been over this like a hundred times? md5sums are not used for security. Not ever. Nope. Nada.
> We use them solely to detect whether or not the download completed as expected. And sha256 is going way overboard here.
It has been discussed before; in fact, you said this back in November: "The checksums in pacman are only used for integrity, not security. I agree that the first step towards super-omg-secure packages would be switching to a different checksum, but sha1 might be deemed insecure soon too. Why not jump over that one to something like sha256?"

...so a month ago you didn't think sha256 was going overboard, and now you do?

I'd also make a semantics argument and say that if the "integrity" of the package could possibly be compromised by the creation of a malicious package with the same md5 checksum, then that absolutely affects the "security" of our system...the two ideas are not completely separate.

Of course I realize that changing the checksum does not add any security benefits as far as package signing and all of that goes (establishing a truly secure package distribution system is a much bigger project), but it DOES eliminate one current vulnerability, and on top of that it's extremely easy to make the change. What is the downside?

-- 
Aaron "ElasticDog" Schaefer
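The point under debate, that an md5 check catches a truncated or corrupted download but should not be relied on for integrity against substitution, is easiest to see in the verification routine itself. The Python below is an added illustration, not pacman's or makepkg's own code: it takes a PKGBUILD-style set of checksum arrays (md5sums, sha1sums, sha256sums), picks the strongest one present, and refuses to treat md5/sha1 as an integrity check unless explicitly allowed. The preference order, the `WEAK` set and the sample package bytes are assumptions constructed for the example.

```python
import hashlib
import hmac

# Constructed sample input: stands in for a downloaded package tarball.
PACKAGE_BYTES = b"constructed package contents for this example\n"

# Checksum arrays in order of preference, using the PKGBUILD array names.
# The ordering and the WEAK set are this example's policy, not pacman's.
PREFERENCE = ("sha256sums", "sha1sums", "md5sums")
WEAK = {"md5sums", "sha1sums"}


def algo_for(array_name):
    # "sha256sums" -> "sha256"; hashlib accepts the name once "sums" is dropped
    return array_name[: -len("sums")]


def digest(data, algo):
    h = hashlib.new(algo)
    h.update(data)
    return h.hexdigest()


def choose_array(sums):
    """Return the name of the strongest checksum array present, or None."""
    for name in PREFERENCE:
        if sums.get(name):
            return name
    return None


def verify(data, sums, allow_weak=False):
    """Return (ok, array_used).

    ok is True only when the strongest available checksum matches and,
    unless allow_weak is set, that checksum is not md5/sha1.
    """
    name = choose_array(sums)
    if name is None:
        return False, None
    if name in WEAK and not allow_weak:
        # md5 still catches an incomplete or corrupted download, but a
        # substituted file with a colliding digest would pass, so do not
        # report it as an integrity pass by default.
        return False, name
    actual = digest(data, algo_for(name))
    # constant-time comparison; lowercase so "ABC" and "abc" agree
    return hmac.compare_digest(actual, sums[name].strip().lower()), name


if __name__ == "__main__":
    good = {
        "md5sums": digest(PACKAGE_BYTES, "md5"),
        "sha256sums": digest(PACKAGE_BYTES, "sha256"),
    }
    print(verify(PACKAGE_BYTES, good))          # (True, 'sha256sums')
    print(verify(PACKAGE_BYTES[:-1], good))     # truncated download: (False, 'sha256sums')
    print(verify(PACKAGE_BYTES, {"md5sums": good["md5sums"]}))  # (False, 'md5sums')
```

Switching a package from md5sums to sha256sums amounts to adding one more array entry; the verification code stays the same and simply picks the stronger digest when it is there, which is the "extremely easy to make the change" part of the argument.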