guix-devel
Re: SHA-1 vs SHA256 + public key


From: Mark H Weaver
Subject: Re: SHA-1 vs SHA256 + public key
Date: Tue, 23 May 2017 01:03:19 -0400
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux)

Hi Mark,

Mark Rijckenberg <address@hidden> writes:
> I noticed that your team still distributes SHA-1 checksums for the
> .iso images for guix at – for example – the following URL:
>
> https://lists.gnu.org/archive/html/guix-devel/2017-05/msg00379.html

The same announcement also prominently lists the detached digital
signatures for every file, and includes instructions on how to use GnuPG
to perform the verification.  Those digital signatures are based on
SHA256 and 4096-bit RSA.

The hashes included in the announcement are not able to provide secure
authentication, regardless of what hash function is used, because the
announcement itself might have been modified before it reaches your
mailbox.  I think it's a mistake to give anyone the impression that this
method can be made secure.

I cannot speak for Ludovic, but I strongly suspect the purpose of those
SHA-1 hashes is merely to provide a convenient way to check for benign
file transfer errors.  It may be that we should include an explicit
warning that those hashes are not suitable for authentication.

> SHA256 (or SHA512) is now the standard (for the moment).

Yes, and SHA256 is the primary hash function used within Guix.  Most
notably, you'll find that every package definition in Guix includes a
SHA256 hash of the associated source tarball.

     Regards,
       Mark

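The distinction drawn above, between a checksum that only catches transfer errors and a detached GnuPG signature that actually authenticates the file, as an added example that is not part of this message or of the Guix project's own release tooling. The script generates a throwaway signing key in a temporary GNUPGHOME, signs a constructed stand-in for an installer image, then tampers with the file and "republishes" a matching checksum the way an attacker who can edit the announcement could. It assumes `gpg` (GnuPG 2.x) and `sha256sum` are installed; the key identity, file names and file contents are constructed for the demo, and it uses a 2048-bit key for speed rather than the 4096-bit RSA keys the real signatures use.

```shell
#!/bin/sh
# Added example, not Guix project code. Assumes GnuPG 2.x and coreutils.
set -eu

# check_transfer: compare a file against a hash copied from an announcement.
# Catches corruption in transit only: whoever can alter the announcement can
# also alter the hash to match a tampered file. Returns 0 on match.
check_transfer() {
  file=$1; expected=$2
  actual=$(sha256sum "$file" | cut -d' ' -f1)
  [ "$actual" = "$expected" ]
}

# verify_signature: check a detached signature against the local keyring.
# Returns 0 only when gpg reports GOODSIG, i.e. the file is unchanged since
# signing and the signing key is one we have imported.
verify_signature() {
  file=$1; sig=$2
  gpg --batch --status-fd 1 --verify "$sig" "$file" 2>/dev/null \
    | grep -q '^\[GNUPG:\] GOODSIG '
}

# demo: run both checks on a genuine file, then on a tampered file whose
# published checksum the attacker has rewritten. Returns 0 only if the
# checksum passes in both cases and the signature fails in the second.
demo() {
  tmp=$(mktemp -d)
  export GNUPGHOME="$tmp/gnupg"
  mkdir -m 700 "$GNUPGHOME"
  uid='Demo Release Key <demo@example.invalid>'   # constructed identity
  gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
      --quick-gen-key "$uid" rsa2048 sign 0 2>/dev/null

  iso="$tmp/guix-demo.iso"                         # constructed "release"
  printf 'pretend this is an installer image\n' > "$iso"
  gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
      --local-user "$uid" --detach-sign --output "$iso.sig" "$iso" 2>/dev/null
  published=$(sha256sum "$iso" | cut -d' ' -f1)   # what the announcement lists

  status=0
  # 1. Genuine file: checksum and signature both pass.
  check_transfer "$iso" "$published" && verify_signature "$iso" "$iso.sig" || status=1

  # 2. Tampered file plus a rewritten announcement: the checksum still
  #    "matches"; only the signature, which needs the private key, fails.
  printf 'malicious payload\n' >> "$iso"
  forged=$(sha256sum "$iso" | cut -d' ' -f1)
  check_transfer "$iso" "$forged" || status=1
  verify_signature "$iso" "$iso.sig" && status=1

  gpgconf --kill gpg-agent 2>/dev/null || true
  rm -rf "$tmp"
  return $status
}

if command -v gpg >/dev/null 2>&1; then
  demo && echo "checksum accepted the tampered file; only the signature rejected it"
else
  echo "gpg not installed; demo skipped" >&2
fi
```

Against a real release you would run `verify_signature guix-system-install-*.iso.xz guix-system-install-*.iso.xz.sig` after importing the project's signing key over a channel you trust; `check_transfer` is only worth running to diagnose a download that the signature check has already rejected.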