Re: How APT signs packages
On Fri, 2012-10-19 at 12:27 +0200, Florian Ernst wrote:
> There aren't any. That is, there aren't any such plans *anymore*, as SHA256
> is already in use and that page is partially misleading, cf.

I recently started a discussion on debian-devel about moving to even stronger
hashes like SHA512 or Keccak.

> - 8 -
> What does it mean for md5sum to be broken? Since it's a checksum, I thought
> the only way it can be broken is that it fails to compute the proper
> checksum. I have a feeling some other meaning is intended. --RossBoylan

That's complete nonsense: md5sum is in the first place a hash algorithm (and
not a checksum), for which collision resistance is utterly important.

Cheers,
Chris.
How APT signs packages
Hi,

Where can I find an up-to-date description of exactly how PGP is used by APT
in packaging? I can't find the source any more but I got the impression that
the individual packages were not signed but merely checksummed and that the
list of checksums was the only thing that was actually signed. What is the
real situation?

Regards,
/Lars

-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject
of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/alpine.bso.2.02.1210191228260.11...@yeeloong.dhcp.inet.fi
Re: How APT signs packages
On Fri, Oct 19, 2012 at 12:28:36PM +0300, Lars Nooden wrote:
> Hi,
>
> Where can I find an up-to-date description of exactly how PGP is used by
> APT in packaging? I can't find the source any more but I got the impression
> that the individual packages were not signed but merely checksummed and
> that the list of checksums was the only thing that was actually signed.
> What is the real situation?

That is true. As described here[1], the package checksums are stored in the
Packages file, the checksums for the Packages file are stored in the Release
file and the Release file is GPG signed. So you have a chain of fidelity from
Releases to the package and a chain of trust from yourself to the Releases.

[1] http://wiki.debian.org/SecureApt
Re: How APT signs packages
On Fri, 19 Oct 2012, Darac Marjal wrote:
> On Fri, Oct 19, 2012 at 12:28:36PM +0300, Lars Nooden wrote:
>> Hi,
>>
>> Where can I find an up-to-date description of exactly how PGP is used by
>> APT in packaging? I can't find the source any more but I got the
>> impression that the individual packages were not signed but merely
>> checksummed and that the list of checksums was the only thing that was
>> actually signed. What is the real situation?
>
> That is true. As described here[1], the package checksums are stored in
> the Packages file, the checksums for the Packages file are stored in the
> Release file and the Release file is GPG signed. So you have a chain of
> fidelity from Releases to the package and a chain of trust from yourself
> to the Releases.
>
> [1] http://wiki.debian.org/SecureApt

Thanks. The weak point, relatively speaking, looks to be the MD5 checksums in
Releases. The link above [1] says MD5 is now a broken hash function, and
should be replaced for all security-minded usages. Out of curiosity, what are
the plans then for moving up to SHA256 or better?

Regards,
/Lars

Archive: http://lists.debian.org/alpine.bso.2.02.1210191311000.11...@yeeloong.dhcp.inet.fi
Re: How APT signs packages
Hello there,

On Fri, Oct 19, 2012 at 01:14:44PM +0300, Lars Nooden wrote:
> On Fri, 19 Oct 2012, Darac Marjal wrote:
> [...]
>> [1] http://wiki.debian.org/SecureApt
>
> Thanks. The weak point, relatively speaking, looks to be the MD5 checksums
> in Releases. The link above [1] says MD5 is now a broken hash function,
> and should be replaced for all security-minded usages. Out of curiosity,
> what are the plans then for moving up to SHA256 or better?

There aren't any. That is, there aren't any such plans *anymore*, as SHA256 is
already in use and that page is partially misleading, cf.

- 8 -
What does it mean for md5sum to be broken? Since it's a checksum, I thought
the only way it can be broken is that it fails to compute the proper checksum.
I have a feeling some other meaning is intended. --RossBoylan

**It is broken as people were able to actually create a fake certificate that
could sign anything and was trusted. They did this by finding a collision:
they created a certificate that had the same md5 sum as the certificate they
were issued, and were thereby able to give themselves rights other than they
were granted. --Scientes

***apt has supported sha256 checksums since version 0.7.7, so these will be
used in lenny and future releases. --JoeyHess
- 8 -

in the comments of the very same page, as well as check your
/var/lib/apt/lists/*_{Release,Packages} for verification.

Cheers,
Flo

Archive: http://lists.debian.org/20121019102759.gd21...@fernst.no-ip.org
Re: How APT signs packages
On Fri, 19 Oct 2012, Florian Ernst wrote:
...
> ***apt has supported sha256 checksums since version 0.7.7, so these will
> be used in lenny and future releases. --JoeyHess
> - 8 -
>
> in the comments of the very same page, as well as check your
> /var/lib/apt/lists/*_{Release,Packages} for verification.

Thanks. One comment claimed that from Lenny onwards SHA256 checksums would be
used. But in Squeeze, *_Release still has MD5 checksums, at least for the
repository I have. So it looks like the infrastructure supports SHA but it's
still needed to do the tedious work of migration.

Is there any archive of why the move was not made for Lenny or later?

Regards,
/Lars

Archive: http://lists.debian.org/alpine.bso.2.02.1210191331500.11...@yeeloong.dhcp.inet.fi
Re: How APT signs packages
On 2012-10-19 12:43 +0200, Lars Nooden wrote:
> On Fri, 19 Oct 2012, Florian Ernst wrote:
> ...
>> ***apt has supported sha256 checksums since version 0.7.7, so these will
>> be used in lenny and future releases. --JoeyHess
>> - 8 -
>>
>> in the comments of the very same page, as well as check your
>> /var/lib/apt/lists/*_{Release,Packages} for verification.
>
> Thanks. One comment claimed that from Lenny onwards SHA256 checksums would
> be used. But in Squeeze, *_Release still has MD5 checksums, at least for
> the repository I have. So it looks like the infrastructure supports SHA
> but it's still needed to do the tedious work of migration.

The Release files contain MD5, SHA1 and SHA256 checksums, and apt uses the
strongest of those.

Cheers,
Sven

Archive: http://lists.debian.org/87391a20dq@turtle.gmx.de
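The chain Darac describes earlier in the thread (Packages holds the .deb checksums, Release holds the Packages checksums, Release is GPG-signed) together with Sven's point that apt takes the strongest hash a Release file lists, as an added Python example that is not apt's or Debian's own code. It assumes the Release signature has already been verified outside the script (with gpgv against the archive keyring), constructs a small Packages/Release pair for a stand-in .deb, and walks the hash chain downward, preferring SHA256 over SHA1 over MD5 wherever a file lists it. The package name, paths and file contents are constructed sample data.

```python
import hashlib

# Strongest first; mirrors "apt uses the strongest of those". Per entry: the
# section header used in a Release file, the field name used in a Packages
# file, and the hashlib algorithm name.
HASH_PREFERENCE = [("SHA256", "SHA256", "sha256"),
                   ("SHA1", "SHA1", "sha1"),
                   ("MD5Sum", "MD5sum", "md5")]


def digest(data, algo):
    return hashlib.new(algo, data).hexdigest()


def parse_release(text):
    """Return {section: {path: (hexdigest, size)}} for the checksum sections."""
    sections, current = {}, None
    for line in text.splitlines():
        if line.startswith(" ") and current is not None:
            hexdigest, size, path = line.split()
            sections[current][path] = (hexdigest, int(size))
        elif line.endswith(":") and line[:-1] in ("MD5Sum", "SHA1", "SHA256"):
            current = line[:-1]
            sections[current] = {}
        else:
            current = None  # any other header ends the checksum block
    return sections


def parse_packages(text):
    """Split a Packages file into stanzas (dicts of field -> value)."""
    stanzas, fields = [], {}
    for line in text.splitlines():
        if not line.strip():
            if fields:
                stanzas.append(fields)
                fields = {}
            continue
        key, _, value = line.partition(":")
        fields[key] = value.strip()
    if fields:
        stanzas.append(fields)
    return stanzas


def strongest_listed(present):
    """Pick the strongest algorithm whose Release-section name is in `present`."""
    for release_name, packages_field, algo in HASH_PREFERENCE:
        if release_name in present:
            return release_name, packages_field, algo
    raise ValueError("no usable checksum listed")


def verify_packages_file(release_text, packages_bytes, path):
    """Check a Packages file against the (already signature-verified) Release."""
    sections = parse_release(release_text)
    present = {name for name in sections if path in sections[name]}
    name, _, algo = strongest_listed(present)
    expected, size = sections[name][path]
    ok = len(packages_bytes) == size and digest(packages_bytes, algo) == expected
    return name, ok


def verify_deb(packages_bytes, deb_bytes, filename):
    """Check a downloaded .deb against its stanza in a verified Packages file."""
    stanza = next(s for s in parse_packages(packages_bytes.decode())
                  if s.get("Filename") == filename)
    present = {name for name, field, _ in HASH_PREFERENCE if field in stanza}
    name, field, algo = strongest_listed(present)
    ok = int(stanza["Size"]) == len(deb_bytes) and digest(deb_bytes, algo) == stanza[field]
    return name, ok


def build_sample(deb_bytes, release_hashes=("MD5Sum", "SHA1", "SHA256")):
    """Construct a matching Packages/Release pair for deb_bytes (sample data only)."""
    filename = "pool/main/h/hello/hello_2.8-1_amd64.deb"   # constructed
    path = "main/binary-amd64/Packages"
    packages = ("Package: hello\nVersion: 2.8-1\nArchitecture: amd64\n"
                f"Filename: {filename}\nSize: {len(deb_bytes)}\n")
    for _, field, algo in HASH_PREFERENCE:
        packages += f"{field}: {digest(deb_bytes, algo)}\n"
    packages = (packages + "\n").encode()
    release = "Origin: Debian\nSuite: stable\nArchitectures: amd64\nComponents: main\n"
    for name, _, algo in reversed(HASH_PREFERENCE):   # real files list MD5Sum first
        if name in release_hashes:
            release += f"{name}:\n {digest(packages, algo)} {len(packages)} {path}\n"
    return release, packages, path, filename


if __name__ == "__main__":
    deb = b"constructed stand-in for the bytes of hello_2.8-1_amd64.deb"
    release, packages, path, filename = build_sample(deb)
    print(verify_packages_file(release, packages, path))      # ('SHA256', True)
    print(verify_deb(packages, deb, filename))                # ('SHA256', True)
    # A Release listing only MD5Sum forces the fallback Lars worried about.
    md5_release, _, _, _ = build_sample(deb, ("MD5Sum",))
    print(verify_packages_file(md5_release, packages, path))  # ('MD5Sum', True)
    # A modified .deb is rejected by the strongest hash in Packages.
    print(verify_deb(packages, deb + b"\x00", filename))      # ('SHA256', False)
```

Running it against a real mirror would mean pointing `verify_packages_file` at the `Release` and `Packages` files under `/var/lib/apt/lists/` that Florian mentions, after `gpgv` has accepted the Release signature; the fallback case shows why a repository that only publishes MD5Sum sections leaves the client with nothing stronger to check.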