On 30 Jul 2013 05:15, "Donald Stufft" <don...@stufft.io> wrote:
>
>
> On Jul 29, 2013, at 2:57 PM, zooko <zo...@zooko.com> wrote:
>
>> I'd like to push back on the other risk, that someone might figure out how to
>> make MD5 second-pre-images. I don't think this is a risk that we need to
>> urgently address, and I've written a short note explaining why. This note is
>> incomplete, badly edited, has not been peer-reviewed, and is not ready for
>> publication, but I thought it might help folks evaluate how urgent it is to
>> upgrade from MD5, so here it is.
>
>
> I don't think it's urgent to fix it, but I think it's a good security hardening effort
> with very little downside and very little chance of regression. However, as I
> said if Holger, or anyone else, has a concern about the effects of adding this
> bit of security hardening to give us a safety net again then I simply won't do
> it in the simple API.

I'm thinking that may be the way to go - treat verified SSL as our final stop-gap for the simple API and focus on hardening the next generation APIs.

This is more for social reasons than strictly technical ones. I think you're right this particular change is unlikely to break anything, but there are also enough genuinely essential changes needed that we should avoid unnecessary flux in other areas.

In this case, I think the need for a pre-image attack that still produces a working download and an old installer that isn't using verified SSL but can check SHA256 hashes reduces the attack window to a point where I'm prepared to live with the use of MD5 as a known risk.

Cheers,
Nick.

>
> -----------------
> Donald Stufft
> PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
>
>
> _______________________________________________
> Distutils-SIG maillist - Distutils-SIG@python.org
> http://mail.python.org/mailman/listinfo/distutils-sig
>