On Mon, Jan 28, 2008 at 05:20:52PM +0000, Matt Zimmerman wrote: > On Mon, Jan 28, 2008 at 09:28:48AM -0700, Neal McBurnett wrote: > > > (I'm all in favor of moving to SHA256 or whatever is considered best > > > practice these days. I've just not heard that MD5 is really as broken as > > > I think Chris suggests here.) > > > > One easy thing to do is to also publish sha256 sums of the CD > > images, so if MD5 preimage attacks are developed, that would help. > > > > I think we should do that now, and consider a hash function in a > > different class also (whirlpool?). > > > > Shipping more hash functions in the base install would help a lot in a > > crisis, so users have what they need to validate software updates. > > I guess coreutils has the md5 and sha families well covered, but > > again, something different like whirlpool could help a lot some day. > > Perhaps we should publish detached signatures for each ISO rather than > signing MD5SUMS?
>From what I've heard, the main principle for dealing with hash issues is "algorithm agility" - i.e. making it easy for folks to use multiple algorithms. Publishing detached signatures is a way to make the user interface easier (perhaps) for folks that want to validate the gpg signature. But I would think many (especially those without a good way to trust the gpg key, as noted previously) would want to just be able to validate hashes. I would still argue for the use of multiple hash algorithms, and I guess for gpg that means multiple detached signatures, one per hash algorithm. And some are not supported by all versions of gpg.... I'd suggest we publish a "CHECKSUMS" file with a good assortment of hashes in text format, and also sign that. Neal McBurnett http://mcburnett.org/neal/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
