On Mon, Jan 12, 2009 at 3:35 PM, Aaron Griffin <aaronmgriffin@xxxxxxxxx> wrote:
> Haven't we been over this like a hundred times? md5sums are not used
> for security. Not ever. Nope. Nada.
>
> We use them solely to detect whether or not the download completed as
> expected. And sha256 is going way overboard here.

It has been discussed before; in fact, you said this back in November:

"The checksums in pacman are only used for integrity, not security. I agree that the first step towards super-omg-secure packages would be switching to a different checksum, but sha1 might be deemed insecure soon too. Why not jump over that one to something like sha256?"

...so a month ago you didn't think sha256 was going overboard, and now you do?

I'd also make a semantics argument and say that if the "integrity" of the package could possibly be compromised by the creation of a malicious package with the same md5 checksum, then that absolutely affects the "security" of our system...the two ideas are not completely separate.

Of course I realize that changing the checksum does not add any security benefits as far as package signing and all of that goes (establishing a truly secure package distribution system is a much bigger project), but it DOES eliminate one current vulnerability, and on top of that it's extremely easy to make the change. What is the downside?

--
Aaron "ElasticDog" Schaefer