On Sat, 19 Nov 2005 15:29:30 +0900
Jason Stubbs <[EMAIL PROTECTED]> wrote:
> On Saturday 19 November 2005 15:01, Robin H. Johnson wrote:
> > After my post to -core about how to move ahead with signing, I
> > thought the next best place to continue is in a discussion of how
> > Portage handles mani
On Fri, 18 Nov 2005 22:01:27 -0800
"Robin H. Johnson" <[EMAIL PROTECTED]> wrote:
> Ergo, instead of a Manifest being re-generated each time, it needs to
> act like a FIFO queue.
Or in other words: transactional manifests.
> Each queue element consists of:
> - checksum/existing Manifest element o
On Sat, 19 Nov 2005 20:59:07 +0900
Jason Stubbs <[EMAIL PROTECTED]> wrote:
> On Saturday 19 November 2005 20:41, Mike Auty wrote:
> > If portage can already handle multiple hash formats,
>
> Portage can't handle multiple hash formats at the moment. It is only
> smart enough to not throw a fit whe
On Sat, 19 Nov 2005 11:41:54 + Mike Auty <[EMAIL PROTECTED]>
wrote:
| So now the task is for an untrusted user to get a dev to sign
| some long random value that hashes to one thing, and then replace it
| with a different long random value when a user finally downloads it.
| It must then
On Fri, Nov 18, 2005 at 10:01:27PM -0800, Robin H. Johnson wrote:
> Hi,
>
Nobody is debating the need for it, don't really need to go back over
that terrain- alt chf support in manifest/digest is needed so that we
can transition cleanly from chf to cfh long term as algos are broken.
Hopefully
On Saturday 19 November 2005 20:41, Mike Auty wrote:
> If portage can already handle multiple hash formats,
Portage can't handle multiple hash formats at the moment. It is only smart
enough to not throw a fit when other hash formats appear.
> then perhaps it would just be best to start shifting
At the moment,
The MD5 (and theoretical SHA1) attacks create two pieces of data that
hash to the same value. As I understand it, neither piece of data can
be chosen at the moment, and tend to be long and fairly random. Also,
the attacks that you're proposing to protect against must be comi
On Sat, Nov 19, 2005 at 06:44:34AM +, Ciaran McCreesh wrote:
> | First, the blatantly obvious, for the benefit of same developers, even
> | though it's not relevant to signing. It is still a weak-point and does
> | need to be addressed. Multiple-hashes!
> There is no proof that multiple hashes
On Saturday 19 November 2005 15:44, Ciaran McCreesh wrote:
> On Fri, 18 Nov 2005 22:01:27 -0800 "Robin H. Johnson"
> <[EMAIL PROTECTED]> wrote:
> | First, the blatantly obvious, for the benefit of same developers, even
> | though it's not relevant to signing. It is still a weak-point and does
> | n
On Fri, 18 Nov 2005 22:01:27 -0800 "Robin H. Johnson"
<[EMAIL PROTECTED]> wrote:
| First, the blatantly obvious, for the benefit of same developers, even
| though it's not relevant to signing. It is still a weak-point and does
| need to be addressed. Multiple-hashes!
There is no proof that multipl
On Saturday 19 November 2005 15:01, Robin H. Johnson wrote:
> After my post to -core about how to move ahead with signing, I thought
> the next best place to continue is in a discussion of how Portage
> handles manifests and their signatures.
>
> First, the blatantly obvious, for the benefit of sa
Hi,
After my post to -core about how to move ahead with signing, I thought
the next best place to continue is in a discussion of how Portage
handles manifests and their signatures.
First, the blatantly obvious, for the benefit of same developers, even
though it's not relevant to signing. It is st
12 matches