[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnu-arch-users] Re: MD5 is broken
From: |
Karel Gardas |
Subject: |
Re: [Gnu-arch-users] Re: MD5 is broken |
Date: |
Wed, 16 Mar 2005 20:03:17 +0100 (CET) |
On Wed, 16 Mar 2005, Tom Lord wrote:
>
>
> It makes more sense to beef up security in a multi-modal fashion.
>
> For example, arch's security model already presumes that client
> machines are secure. Therefore, the use of md5 in core arch is
> ultimately just a redundant (except on NFS :-) layer of verification
> of the transports and storage layers. Little would be gained by
> strengthening the hash function given the kinds of disasters it
> properly protects against.
I was in impression that patch signing was created mainly for making
trusted archive mirrors on untrusted hosts possible. As Ivan already
pointed out, MD5 seems to be the weakest point in Arch patch signing,
hence my fears spread over this list. Or does Arch security model also
assumes continual verification/comparison of original trusted archives
with all its mirrors on untrusted hosts or some other kind of
verification? If so, this is just news for me and I should rework part of
my infrastrusture for our projects!
Thanks,
Karel
--
Karel Gardas address@hidden
ObjectSecurity Ltd. http://www.objectsecurity.com
- [Gnu-arch-users] MD5 is broken, Ivan Boldyrev, 2005/03/15
- Re: [Gnu-arch-users] MD5 is broken, Matthew Dempsky, 2005/03/16
- [Gnu-arch-users] Re: MD5 is broken, Ivan Boldyrev, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Andrew Suffield, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Karel Gardas, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Jan Hudec, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Tom Lord, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken,
Karel Gardas <=
- Re: [Gnu-arch-users] Re: MD5 is broken, Tom Lord, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Matthew Dempsky, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Andrew Suffield, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Karel Gardas, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Peter Conrad, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Karel Gardas, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Peter Conrad, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Karel Gardas, 2005/03/16
- Re: [Gnu-arch-users] Re: MD5 is broken, Jason McCarty, 2005/03/16
- [Gnu-arch-users] Re: MD5 is broken, Matthieu Moy, 2005/03/16