Panu Matilainen <pmati...@redhat.com> writes: >> https://tests.sequoia-pgp.org/rpmsop.html#Detached_Sign-Verify_roundtrip_with_key__Bob___MD5 >> >> - accepts MD5 signatures !!! >> >> https://tests.sequoia-pgp.org/rpmsop.html#Signature_over_the_shattered_collision >> >> - accepts SHA1 signatures !!! > > Rpm needs to be able to work with content from the nineties, when MD5 > was still the hottest thing around, ditto with SHA1.
Contemporary versions of RPM need to work with content from the nineties? I find that hard to believe. > At least openssl backend supports FIPS mode, which is where these get > rejected as expected nowadays. FIPS mode as in /proc/sys/crypto/fips_enabled? Or is there another mechanism for openssl or RPM? What about the security of systems that are not in FIPS mode? In my opinion, these signatures should be rejected by RPM. If working with nineties material is really a thing, the user should explicitly opt-into these unsafe algorithms. Justus
signature.asc
Description: PGP signature
_______________________________________________ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
