> What is the gain of using a secure hash algorithm in the manifests if you can simply replace the manifest with a MITM attack on the rsync update?
I'd say "the solution is to stop using rsync and use git" (there is a git mirror with all the metadata), but... Git does not support (correct me if I'm wrong) resuming a fetch in case of failures (bad connection, slow connection, or any other reason to stop it and continue later). So... We either need GPG manifest signing enabled, or totally move to git and ignore all the users with bad internet connections and totally move portage to git (hint: we shouldn't), until we invent something else that can solve all of those problems.
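An added illustration of the point raised in the quoted question (example code, not part of the thread or of portage): hash-only Manifest checking passes when a MITM rewrites both the distfile and the Manifest over unauthenticated rsync, while a signature made with a key the attacker lacks catches the rewritten Manifest. The Manifest line format, the sample file contents, and the HMAC stand-in for an OpenPGP detached signature are assumptions made so the example runs offline.

```python
import hashlib
import hmac

# Constructed sample data: a distfile and a Manifest entry of the form
# "DIST <name> <size> SHA512 <hex>" describing it (simplified from portage's format).
GOOD_FILE = b"original source tarball contents\n"

def manifest_line(name: str, data: bytes) -> str:
    """Build a hash-only Manifest entry for a file, as the thread discusses."""
    return f"DIST {name} {len(data)} SHA512 {hashlib.sha512(data).hexdigest()}"

def manifest_verifies(manifest: str, name: str, data: bytes) -> bool:
    """True if the Manifest's entry for name matches the file's size and SHA512."""
    for line in manifest.splitlines():
        parts = line.split()
        if len(parts) == 5 and parts[0] == "DIST" and parts[1] == name:
            return int(parts[2]) == len(data) and parts[4] == hashlib.sha512(data).hexdigest()
    return False

# Stand-in for an OpenPGP detached signature (assumption, not what portage does):
# an HMAC under a key held by the release signer and not by a MITM on rsync.
SIGNING_KEY = b"constructed-release-key"

def sign_manifest(manifest: str, key: bytes = SIGNING_KEY) -> str:
    return hmac.new(key, manifest.encode(), hashlib.sha512).hexdigest()

def signed_manifest_verifies(manifest: str, sig: str, name: str, data: bytes,
                             key: bytes = SIGNING_KEY) -> bool:
    """Require a valid signature on the Manifest before trusting any hash in it."""
    if not hmac.compare_digest(sign_manifest(manifest, key), sig):
        return False
    return manifest_verifies(manifest, name, data)

def demo():
    name = "foo-1.0.tar.gz"
    manifest = manifest_line(name, GOOD_FILE)
    sig = sign_manifest(manifest)
    # A MITM on plain rsync replaces the distfile AND regenerates the Manifest
    # so the hashes still match: the hash-only check cannot tell.
    evil = b"tampered tarball\n"
    evil_manifest = manifest_line(name, evil)
    hash_only_fooled = manifest_verifies(evil_manifest, name, evil)
    # The attacker cannot sign the rewritten Manifest, so the signed check rejects it.
    signed_catches = not signed_manifest_verifies(evil_manifest, sig, name, evil)
    return hash_only_fooled, signed_catches
```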
