[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnu-arch-users] Re: MD5 is broken
From: |
John Arbash Meinel |
Subject: |
Re: [Gnu-arch-users] Re: MD5 is broken |
Date: |
Wed, 16 Mar 2005 10:28:28 -0600 |
User-agent: |
Mozilla Thunderbird 1.0 (Macintosh/20041206) |
Aaron Bentley wrote:
...
Again, my feeling was to make it expandable, so that if someone wants to
turn on gpg signing, they know in advance that they should probably set
up a gpg-agent of some sort. Actually, since baz now requests 2
signatures on a commit, it motivated me to set up gpg-agent.
We're working on ways of bringing it back down to 1. It may require
an archive format bump, though.
Are you thinking to include the archive.gz checksum in the file? Is
there a reason tla checksum files can't support having files in there
that it doesn't understand? The format of the file seems perfectly
expandable, and certainly tla handles the baz sha checksums without any
problem.
What caused problems with the line?
md5 ancestry.gz aoeuaoeuthnaeou
My statement was to let people be as paranoid as they want to be. If
they don't want an agent and want to sign 4 times, let them.
My sentiment is "let's not punish people who want to operate in a
secure fashion".
True. Hence we provide a decent level of security, and if someone wants
their setup to be ultra-secure, we give them the option, with associated
difficulty. Security is a tradeoff, so I don't think we can set a hard
fast rule, probably only a baseline.
I wasn't advocating that it was the default.
Okay, I wasn't clear on that before.
Remember, doing a "tag" already requires 2 sigs, because it does a
cacherev.
Well, only when you tag from a different archive. It doesn't do a
cacherev if the direct ancestor is in the same archive.
Aaron
John
=:->
signature.asc
Description: OpenPGP digital signature
- Re: [Gnu-arch-users] Re: MD5 is broken, (continued)
- Re: [Gnu-arch-users] Re: MD5 is broken, Karel Gardas, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Jason McCarty, 2005/03/16
- [Gnu-arch-users] Re: MD5 is broken, Matthieu Moy, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Adrian Irving-Beer, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, John Arbash Meinel, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Adrian Irving-Beer, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, John Arbash Meinel, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Aaron Bentley, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, John Arbash Meinel, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Aaron Bentley, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken,
John Arbash Meinel <=
- [Gnu-arch-users] Re: MD5 is broken, Ivan Boldyrev, 2005/03/17
- Re: [Gnu-arch-users] Re: MD5 is broken, James Blackwell, 2005/03/21
- Re: [Gnu-arch-users] Re: MD5 is broken, Matthew Dempsky, 2005/03/22
- Re: [Gnu-arch-users] Re: MD5 is broken, Adrian Irving-Beer, 2005/03/22
- [Gnu-arch-users] Re: MD5 is broken, Matthieu Moy, 2005/03/22
- Re: [Gnu-arch-users] Re: MD5 is broken, Adrian Irving-Beer, 2005/03/22
- Re: [Gnu-arch-users] Re: MD5 is broken, Nikolai Weibull, 2005/03/22
- [Gnu-arch-users] Re: MD5 is broken, Ivan Boldyrev, 2005/03/23
- [Gnu-arch-users] Re: MD5 is broken, Ivan Boldyrev, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Aaron Bentley, 2005/03/16