On Tue, Dec 14, 2021 at 11:56:09AM +0100, Yann Droneaud wrote: > Hi, > > I'm not familiar with the Python release process, but looking at the latest > release > > https://www.python.org/downloads/release/python-3101/ > > we can see MD5 is still used ... which doesn't sound right in 2021 ... > especially since we proved it's possible to build different .tar.gz that > have the same MD5
Please ignore my ignorant question, but what is the actual threat you are concerned about here? Anyone who gains access to the Python web site sufficient to smuggle in a different .tar.gz file will surely also be able to just change the checksum on the website to whatever they want. It doesn't matter what the checksum is or how strong it is, MD5 or SHA256 or any other checksum. An attacker who can change the file can change the checksum to match it. And both the download and the webpage listing the checksum are over https. If we don't trust https, the whole internet is broken and changing to a stronger checksum won't help. A hypothetical MITM attacker capable of breaking https and injecting new content into the download file can likewise change the checksum. Checksums are, as far as I understand it, only good for verifying data integrity against download errors, not malicious attack. And for that, MD5 is more than sufficient. Have I missed something? -- Steve _______________________________________________ Python-Dev mailing list -- python-dev@python.org To unsubscribe send an email to python-dev-le...@python.org https://mail.python.org/mailman3/lists/python-dev.python.org/ Message archived at https://mail.python.org/archives/list/python-dev@python.org/message/IFBRCJ3LKLV3MINIFJF5WO6QHN54ERVC/ Code of Conduct: http://python.org/psf/codeofconduct/
