On Thu, Jan 22, 2009 at 6:43 AM, <[email protected]> wrote: > > > http://codereview.appspot.com/11948/diff/1/2 > File doc/html/compiledModuleFormat/index.html (right): > > http://codereview.appspot.com/11948/diff/1/2#newcode107 > Line 107: manifest: { ...}, > Other standard keys to consider: > date cajoled, original source > > http://codereview.appspot.com/11948/diff/1/2#newcode122 > Line 122: <td><code class="prettyprint">sha1sum</code></td> > On 2009/01/21 19:32:22, MikeSamuel wrote: >> >> Do we want the name of a particular hashing algorithm in the property > > name? >> >> SHA-1 will be replaced at some point by a new hash algo. > > When the algorithm changes, we probably want old signatures to break > too. We can split the checksum into two keys, one that names the > algorithm and one that gives it a value but I am not sure how that's > better than this.
Actually, you don't usually want that - normally you want to start signing with the new one and continue to validate old ones - that way, you don't erase history :-) Once you decide the old one is so broken you shouldn't even use it for validation except for known-old signatures (usually some time after its been deprecated), then you can disable validation according to some policy. If you don't have at least some overlap then rolling the algorithm is effectively impossible. So, I vote for including an algorithm identifier, and noting the possibility of a downgrade attack, and how to deal with it. > > http://codereview.appspot.com/11948 >
