On 26 January 2017 at 18:20, Mike Lissner
<mliss...@michaeljaylissner.com> wrote:
> I filed a bug about this already, but I've been directed to email here
> instead. The bug I filed is:
> https://issues.apache.org/jira/browse/INFRA-12626
>
> Basically, on download pages we provide obsolete hashes for our downloads
> (MD5 and SHA1). These are meant, as I understand it, to serve two purposes.
> First, they allow you to make sure that your download succeeded.

Agreed

> Second, they allow you to ensure that your download wasn't tampered with.

They aren't intended for that purpose.

> For the first purpose: Great. They work. For the second purpose, however,
> we need to move away from MD5 and SHA1 hashes, both of which can now be
> attacked with relatively modest hardware.
>
> Browsers are moving away from SHA1 at a very fast pace. See:
>
> https://security.googleblog.com/2014/09/gradually-sunsetting-sha-1.html
>
> And:
>
> https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/

Those hashes serve a different purpose.

> I don't know who's responsible for this, but my bug was closed because it's
> not the infrastructure team, and so I'm trying here.
>
> I suggest we move to SHA2 hashes for all verification purposes.

And how do you verify that the SHA2 hash has not been tampered with?

With PGP signatures one can check the WoT (web of trust).
And the PGP public keys are published in the KEYS files which are
derived from a source code repo to which only ASF committers have
write access.

I think it would be a mistake to give the impression that hashes are
of use for anything other than a sophisticated download checksum.

> Thanks,
>
> Mike

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@community.apache.org
For additional commands, e-mail: dev-h...@community.apache.org
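
The point the reply makes about co-located hashes, as an added example that is not part of the original email: a digest served from the same place as the download catches accidental corruption but not a replaced release, whichever algorithm is used. The file names, sample contents and the "reference held outside the mirror" (a simplified stand-in for the role the KEYS file and signatures play) are constructed assumptions.

```python
import hashlib

NAME = "release.tar.gz"  # hypothetical artifact name


def publish(artifact: bytes, algo: str) -> dict:
    """Model a mirror that serves an artifact and its digest side by side."""
    return {NAME: artifact,
            f"{NAME}.{algo}": hashlib.new(algo, artifact).hexdigest()}


def colocated_ok(mirror: dict, algo: str) -> bool:
    """Downloader's check: recompute the digest, compare to the one on the mirror."""
    actual = hashlib.new(algo, mirror[NAME]).hexdigest()
    return actual == mirror[f"{NAME}.{algo}"]


def anchored_ok(mirror: dict, algo: str, trusted_digest: str) -> bool:
    """Same comparison, but against a reference the mirror cannot rewrite."""
    return hashlib.new(algo, mirror[NAME]).hexdigest() == trusted_digest


def corrupt(mirror: dict) -> None:
    """Accidental damage: one flipped bit in the file, digest file untouched."""
    data = bytearray(mirror[NAME])
    data[0] ^= 0x01
    mirror[NAME] = bytes(data)


def replace_release(mirror: dict, algo: str, new_artifact: bytes) -> None:
    """Whoever can write the file can also regenerate the digest next to it."""
    mirror.update(publish(new_artifact, algo))


def run_demo() -> dict:
    original = b"constructed sample release contents"
    results = {}
    for algo in ("md5", "sha1", "sha256"):
        trusted = hashlib.new(algo, original).hexdigest()  # kept off the mirror
        damaged = publish(original, algo)
        corrupt(damaged)
        swapped = publish(original, algo)
        replace_release(swapped, algo, b"constructed replacement contents")
        results[algo] = {
            "corruption_detected": not colocated_ok(damaged, algo),
            "replacement_detected_colocated": not colocated_ok(swapped, algo),
            "replacement_detected_anchored": not anchored_ok(swapped, algo, trusted),
        }
    return results


if __name__ == "__main__":
    for algo, outcome in run_demo().items():
        print(algo, outcome)
```
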
