On February 23, 2017 19:22 Allan McRae wrote:
> On 24/02/17 07:58, Eli Schwartz wrote:
>> Good luck convincing Allan (you'll *need* it...).
>
> Not going to happen...

Allan,

I want to pitch you another line of thought. I followed that discussion last year, and I've been following closely the fallout of today's Google announcement on the "practical" sha1 attack.

Anyone who actually read the paper, and got past the sensationalism and the hypeness of those vulnerability sites (why does everything need a site now?), knows that it doesn't change much for our usage of sha1, or md5 for that matter.

You argued in last year's discussion that using stronger hashes would give a "false sense of security". I don't disagree with that. But I want to add that using weaker hashes (if only in keyspace or cryptographically) also creates a false sense of *insecurity*.

And these people who have this false sense of insecurity will be the same people who will have the false sense of security, regardless of what we do. They don't use GPG, nor ever will. They don't care if upstream signs things. All they see is: md5, and now sha1, are "broken" and Arch should stop using them.

With that in mind, using stronger algorithms would be very easy for us (that patch is trivial), wouldn't have any drawbacks (just that stupid people would feel "safer"), and would make those same people stop complaining that we don't use strong hashes.

I don't see the issue of upstream never signing things changing in the near future. So we should either do a bigger change, perhaps even that crc proposal of yours, or do this smaller change and use stronger hashes by default.

Cheers,
Giancarlo Razzolini
