n3npq at mac.com
Sun Mar 6 06:29:41 PST 2011
On Mar 6, 2011, at 5:24 AM, Anders F Björklund wrote:
> Ryan Schmidt wrote:
>>> I guess the checksums are the next lint complaint ?
>>> Since the old ports are still using MD5, I mean...
>> Less important than nagging about ports still using md5 at this point would be to nag about ports only using a single checksum type for a distfile. :/ In such a nag, it could be recommended to use sha1 and rmd160.
> Or just one sha256, but yeah that is what I meant.
> It would be more useful to add the download size,
> than to use two separate 160-bit checksum lines ?
I used to believe that the combination of a size+digest
"no tampering" check was sufficiently stronger than using
more bits in the digest, or adding a second (and longer) digest.
Turns out that there are many MD5 exploits that do not change
But without an explicit "threat model" for downloads, its difficult
to discuss whether 2 digests is "better" than everything SHA* or
digest+size as a policy rule for downloading.
In reality the digest is more of an integrity than a security check (imho)
for downloaders, and even CRC would be gud enuf for integrity (but not security)
73 de Jeff
More information about the macports-dev