On 24/02/17 08:59, Giancarlo Razzolini wrote:
> On February 23, 2017 19:22, Allan McRae wrote:
>> On 24/02/17 07:58, Eli Schwartz wrote:
>>> Good luck convincing Allan (you'll *need* it...).
>>
>> Not going to happen...
>>
>
> Allan,
>
> I want to pitch you another line of thought. I followed that
> discussion last year, and I've been following closely the fallout of
> today's Google announcement on the "practical" sha1 attack.
>
> Anyone who actually read the paper, and got past the sensationalism
> and the hypeness of those vulnerabilities sites (why does everything
> need a site now?), knows that it doesn't change much for our usage of
> sha1, or md5 for that matter.
>
> You argued in last year's discussion that using stronger hashes would
> give a "false sense of security". I don't disagree with that. But I
> want to add that using weaker (if only in keyspace or
> cryptographically) also creates a false sense of *insecurity*.
>
> And these people that have this false sense of insecurity will be the
> same people who will have the false sense of security, regardless of
> what we do. They don't use GPG, nor ever will. They don't care if
> upstream sign things. All they see is: md5, and now sha1, are "broken"
> and Arch should stop using them.
>
> With that in mind, using stronger algorithms would be very easy for us
> (that patch is trivial), wouldn't have any drawbacks (just that stupid
> people would feel "safer"), and would make those same people stop
> complaining that we don't use strong hashes.
>
> I don't see the issue of upstream never signing things changing in the
> near future. So we should either do a bigger change, perhaps even that
> crc proposal of yours, or do this smaller change and use stronger
> hashes by default.
>
I find that a terrible argument. A
