Re: How APT signs packages

2012-10-20 Thread Christoph Anton Mitterer
On Fri, 2012-10-19 at 12:27 +0200, Florian Ernst wrote:
> There aren't any. That is, there aren't any such plans *anymore*, as
> SHA256 is already in use and that page is partially misleading, cf.
I recently started a discussion on debian-devel about moving to even stronger
hashes like SHA512 or Keccak.


> - 8< -
> What does it mean for md5sum to be broken? Since it's a checksum, I
> thought the only way it can be broken is that it fails to compute the
> proper checksum. I have a feeling some other meaning is intended.
> --RossBoylan
That's complete nonsense: md5sum is in the first place a hash algorithm
(and not a checksum), for which collision resistance is utterly
important.


Cheers,
Chris.




How APT signs packages

2012-10-19 Thread Lars Nooden
Hi,

Where can I find an up-to-date description of exactly how PGP is used by APT 
in packaging?  I can't find the source any more but I got the impression 
that the individual packages were not signed but merely checksummed and 
that the list of checksums was the only thing that was actually signed.  
What is the real situation?

Regards,
/Lars


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/alpine.bso.2.02.1210191228260.11...@yeeloong.dhcp.inet.fi



Re: How APT signs packages

2012-10-19 Thread Darac Marjal
On Fri, Oct 19, 2012 at 12:28:36PM +0300, Lars Nooden wrote:
> Hi,
> 
> Where can I find an up-to-date description of exactly how PGP is used by APT 
> in packaging?  I can't find the source any more but I got the impression 
> that the individual packages were not signed but merely checksummed and 
> that the list of checksums was the only thing that was actually signed.  
> What is the real situation?

That is true. As described here[1], the package checksums are stored in
the Packages file, the checksums for the Packages file are stored in
the Release file and the Release file is GPG signed. So you have a
chain of fidelity from Releases to the package and a chain of trust from
yourself to the Releases.

[1] http://wiki.debian.org/SecureApt

> 
> Regards,
> /Lars




Re: How APT signs packages

2012-10-19 Thread Lars Nooden
On Fri, 19 Oct 2012, Darac Marjal wrote:

> On Fri, Oct 19, 2012 at 12:28:36PM +0300, Lars Nooden wrote:
> > Hi,
> > 
> > Where can I find an up-to-date description of exactly how PGP is used by APT 
> > in packaging?  I can't find the source any more but I got the impression 
> > that the individual packages were not signed but merely checksummed and 
> > that the list of checksums was the only thing that was actually signed.  
> > What is the real situation?
> 
> That is true. As described here[1], the package checksums are stored in
> the Packages file, the checksums for the Packages file are stored in
> the Release file and the Release file is GPG signed. So you have a
> chain of fidelity from Releases to the package and a chain of trust from
> yourself to the Releases.
> 
> [1] http://wiki.debian.org/SecureApt

Thanks.  The weak point, relatively speaking, looks to be the MD5 
checksums in Releases.  The link above [1] says MD5 is now a broken hash 
function, and should be replaced for all security-minded usages. 

Out of curiosity, what are the plans then for moving up to SHA256 or 
better?

Regards,
/Lars


Archive: 
http://lists.debian.org/alpine.bso.2.02.1210191311000.11...@yeeloong.dhcp.inet.fi



Re: How APT signs packages

2012-10-19 Thread Florian Ernst
Hello there,

On Fri, Oct 19, 2012 at 01:14:44PM +0300, Lars Nooden wrote:
> On Fri, 19 Oct 2012, Darac Marjal wrote:
> > [...]
> > [1] http://wiki.debian.org/SecureApt
> 
> Thanks.  The weak point, relatively speaking, looks to be the MD5 
> checksums in Releases.  The link above [1] says MD5 is now a broken hash 
> function, and should be replaced for all security-minded usages. 
> 
> Out of curiosity, what are the plans then for moving up to SHA256 or 
> better?

There aren't any. That is, there aren't any such plans *anymore*, as
SHA256 is already in use and that page is partially misleading, cf.

- 8< -
What does it mean for md5sum to be broken? Since it's a checksum, I
thought the only way it can be broken is that it fail to compute the
proper checksum. I have a feeling some other meaning is intended.
--RossBoylan

**it is broken as people were able to actually create a fake certificate
that could sign anything and was trusted, they did this by finding a
collision, they created a certificate that had the same md5 sum as the
certificate they were issued, and where thereby able to give themselves
right other than they were granted.--Scientes

***apt has supported sha256 checksums since version 0.7.7, so these will
be used in lenny and future releases. --JoeyHess
- 8< -

in the comments of the very same page as well as check your
/var/lib/apt/lists/*_{Release,Packages} for verification.

Cheers,
Flo


Archive: http://lists.debian.org/20121019102759.gd21...@fernst.no-ip.org



Re: How APT signs packages

2012-10-19 Thread Lars Nooden
On Fri, 19 Oct 2012, Florian Ernst wrote:
...
> ***apt has supported sha256 checksums since version 0.7.7, so these will
> be used in lenny and future releases. --JoeyHess
> - 8< -
> 
> in the comments of the very same page as well as check your
> /var/lib/apt/lists/*_{Release,Packages} for verification.

Thanks.  One comment claimed that from Lenny onwards SHA256 checksums 
would be used.  But in Squeeze, *_Release still has MD5 checksums, at 
least for the repository I have.  So it looks like the infrastructure 
supports SHA but it's still needed to do the tedious work of migration.

Is there any archive of why the move was not made for Lenny or later?

Regards,
/Lars


Archive: 
http://lists.debian.org/alpine.bso.2.02.1210191331500.11...@yeeloong.dhcp.inet.fi



Re: How APT signs packages

2012-10-19 Thread Sven Joachim
On 2012-10-19 12:43 +0200, Lars Nooden wrote:

> On Fri, 19 Oct 2012, Florian Ernst wrote:
> ...
> > ***apt has supported sha256 checksums since version 0.7.7, so these will
> > be used in lenny and future releases. --JoeyHess
> > - 8< -
> > 
> > in the comments of the very same page as well as check your
> > /var/lib/apt/lists/*_{Release,Packages} for verification.

> Thanks.  One comment claimed that from Lenny onwards SHA256 checksums 
> would be used.  But in Squeeze, *_Release still has MD5 checksums, at 
> least for the repository I have.  So it looks like the infrastructure 
> supports SHA but it's still needed to do the tedious work of migration.

The Release files contain MD5, SHA1 and SHA256 checksums, and apt uses
the strongest of those.

Cheers,
   Sven


Archive: http://lists.debian.org/87391a20dq@turtle.gmx.de
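The hash chain Darac describes (a signed Release file carrying the checksums of the Packages index, which in turn carries the checksums of each .deb) and Sven's point that apt uses the strongest digest the Release file offers, as an added Python example. This is not code from the thread and not apt's implementation; the repository contents (Release, Packages and a stand-in for the .deb) are constructed inline, and the GPG verification of Release itself is assumed to have already succeeded, so only the hash chain that follows that step is modelled.

```python
"""Constructed walk-through of the APT hash chain: Release -> Packages -> .deb.

Added example, not apt's code. It assumes the signature on Release
(Release.gpg / InRelease) has already been verified; only the hash chain
that follows that step is modelled here.
"""
import hashlib
import re

# Strongest first: apt verifies with the best digest the Release file offers.
HASH_PREFERENCE = (("SHA256", "sha256"), ("SHA1", "sha1"), ("MD5Sum", "md5"))
CHECKSUM_SECTIONS = {name for name, _ in HASH_PREFERENCE}


def build_release(files, sections=HASH_PREFERENCE):
    """Emit a Release file listing `files` ({path: bytes}) under each checksum section."""
    lines = ["Origin: Example", "Suite: stable", "Architectures: amd64"]
    for section, algo in sections:
        lines.append(f"{section}:")
        for path, data in files.items():
            lines.append(f" {hashlib.new(algo, data).hexdigest()} {len(data)} {path}")
    return "\n".join(lines) + "\n"


def parse_release(text):
    """Return {section: {path: (hexdigest, size)}} for the checksum sections only."""
    sections, current = {}, None
    for line in text.splitlines():
        if line.startswith(" ") and current:
            digest, size, path = line.split()       # " <hex> <size> <path>"
            sections[current][path] = (digest, int(size))
        elif line.endswith(":") and line.rstrip(":") in CHECKSUM_SECTIONS:
            current = line.rstrip(":")
            sections[current] = {}
        else:
            current = None                           # ordinary header such as "Suite: stable"
    return sections


def strongest_entry(release, path):
    """Pick the strongest section that lists `path`, in HASH_PREFERENCE order."""
    for section, algo in HASH_PREFERENCE:
        entry = release.get(section, {}).get(path)
        if entry:
            return section, algo, entry
    raise KeyError(f"{path} is not listed in any checksum section")


def verify_against_release(release, path, data):
    """Check size and digest of an index file; returns (section used, ok)."""
    section, algo, (digest, size) = strongest_entry(release, path)
    ok = len(data) == size and hashlib.new(algo, data).hexdigest() == digest
    return section, ok


def parse_packages(text):
    """Split a Packages index into field dicts keyed by their Filename."""
    stanzas = {}
    for block in re.split(r"\n\s*\n", text.strip()):
        fields = {}
        for line in block.splitlines():
            key, _, value = line.partition(":")
            fields[key.strip()] = value.strip()
        stanzas[fields["Filename"]] = fields
    return stanzas


def verify_package(stanza, deb_bytes):
    """Check a .deb against its stanza, preferring SHA256 over SHA1 over MD5sum."""
    for field, algo in (("SHA256", "sha256"), ("SHA1", "sha1"), ("MD5sum", "md5")):
        if field in stanza:
            return (int(stanza["Size"]) == len(deb_bytes)
                    and hashlib.new(algo, deb_bytes).hexdigest() == stanza[field])
    return False


def verify_chain(release_text, packages_bytes, index_path, deb_bytes, filename):
    """Release -> Packages -> .deb. Returns (section used for Packages, chain ok)."""
    release = parse_release(release_text)
    section, index_ok = verify_against_release(release, index_path, packages_bytes)
    if not index_ok:
        return section, False
    stanza = parse_packages(packages_bytes.decode())[filename]
    return section, verify_package(stanza, deb_bytes)


# --- constructed sample repository (not real Debian data) --------------------
FILENAME = "pool/main/h/hello/hello_1.0_amd64.deb"
INDEX_PATH = "main/binary-amd64/Packages"
DEB_BYTES = b"!<arch>\nconstructed stand-in for a .deb archive\n"
PACKAGES = (
    "Package: hello\nVersion: 1.0\nArchitecture: amd64\n"
    f"Filename: {FILENAME}\nSize: {len(DEB_BYTES)}\n"
    f"MD5sum: {hashlib.md5(DEB_BYTES).hexdigest()}\n"
    f"SHA256: {hashlib.sha256(DEB_BYTES).hexdigest()}\n"
).encode()
RELEASE = build_release({INDEX_PATH: PACKAGES})                           # MD5Sum, SHA1, SHA256
RELEASE_OLD = build_release({INDEX_PATH: PACKAGES}, HASH_PREFERENCE[1:])  # SHA1 and MD5Sum only

if __name__ == "__main__":
    print(verify_chain(RELEASE, PACKAGES, INDEX_PATH, DEB_BYTES, FILENAME))           # ('SHA256', True)
    print(verify_chain(RELEASE_OLD, PACKAGES, INDEX_PATH, DEB_BYTES, FILENAME))       # ('SHA1', True)
    print(verify_chain(RELEASE, PACKAGES, INDEX_PATH, DEB_BYTES + b"\0", FILENAME))   # ('SHA256', False)
```

The three calls at the bottom show the behaviour the thread discusses: with all three sections present the SHA256 entry is the one used, a Release that predates the SHA256 section falls back to SHA1 rather than MD5, and a single appended byte in the package body breaks the chain even though Release and Packages still verify.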