On Sun, Dec 19, 2021, 11:49 AM Steven D'Aprano wrote:

> And both the download and the webpage listing the checksum are over https.
> If we don't trust https, the whole internet is broken and changing to a
> stronger checksum won't help. A hypothetical MITM attacker capable of
> breaking https and injecting new content into the download file can
> likewise change the checksum.
I think the attack is Mallory can influence Alice to use an installer obtained from somewhere else (e.g. a caching proxy, a shared drive, a thumb drive, embedded in an OS distribution, etc). As "assurance" Mallory tells Alice to validate the installer against the hash published on python.org, which Mallory has not compromised.
_______________________________________________
Python-Dev mailing list -- python-dev@python.org
To unsubscribe send an email to python-dev-le...@python.org
https://mail.python.org/mailman3/lists/python-dev.python.org/
Message archived at https://mail.python.org/archives/list/python-dev@python.org/message/5XGZWCBDJI5Z7MTGD7QGS4QKQWS5Z4DP/
Code of Conduct: http://python.org/psf/codeofconduct/
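The scenario in the reply above turns on the verification step itself: Alice hashes whatever installer she was handed and compares it with the digest published on python.org, so the published digest only protects her if the algorithm is collision resistant and the comparison is done on the file she will actually run. The following script is an added example written for this thread, not code from python.org or CPython: it parses a `sha256sum`/`md5sum`-style manifest (the file names, manifest contents and installer bytes are constructed here), hashes a local file in chunks, compares digests in constant time, and refuses MD5 and SHA-1 entries unless the caller explicitly opts in. The `verify_file`, `parse_manifest` and `demo` names are this example's own.

```python
import hashlib
import hmac
import os
import tempfile

# Digest algorithms still seen in published checksum lists but no longer
# collision resistant; a verifier should not accept them by default.
WEAK_ALGORITHMS = {"md5", "sha1"}

# Hex digest length -> algorithm, as found in sha256sum/md5sum style manifests.
DIGEST_LENGTHS = {32: "md5", 40: "sha1", 64: "sha256", 128: "sha512"}


def parse_manifest(text):
    """Parse '<hexdigest>  <filename>' lines into {filename: hexdigest}."""
    entries = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            raise ValueError(f"malformed manifest line: {raw!r}")
        digest, name = parts
        entries[name.lstrip("*")] = digest.lower()  # '*' marks binary mode
    return entries


def algorithm_for_digest(hexdigest):
    """Infer the hash algorithm from the digest length."""
    try:
        return DIGEST_LENGTHS[len(hexdigest)]
    except KeyError:
        raise ValueError(f"unrecognised digest length {len(hexdigest)}")


def hash_file(path, algorithm):
    """Hash the file on disk in 1 MiB chunks so large installers fit in memory."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_file(path, expected_hex, allow_weak=False):
    """Return (ok, reason); ok is True only for a match under an accepted algorithm."""
    algorithm = algorithm_for_digest(expected_hex)
    if algorithm in WEAK_ALGORITHMS and not allow_weak:
        return False, f"{algorithm} digest refused: not collision resistant"
    actual = hash_file(path, algorithm)
    # Constant-time comparison of the two hex strings.
    if hmac.compare_digest(actual, expected_hex.lower()):
        return True, f"{algorithm} match"
    return False, f"{algorithm} mismatch"


def demo():
    """Constructed scenario: a genuine installer, a tampered copy, two manifests."""
    genuine = b"#!/bin/sh\necho 'constructed installer payload'\n"
    tampered = genuine.replace(b"constructed", b"modified")
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        good_path = os.path.join(tmp, "python-installer.sh")
        bad_path = os.path.join(tmp, "python-installer-copy.sh")
        with open(good_path, "wb") as f:
            f.write(genuine)
        with open(bad_path, "wb") as f:
            f.write(tampered)
        # Manifests as a project might publish them (constructed here).
        strong = parse_manifest(f"{hashlib.sha256(genuine).hexdigest()}  python-installer.sh\n")
        weak = parse_manifest(f"{hashlib.md5(genuine).hexdigest()}  python-installer.sh\n")
        expected_strong = strong["python-installer.sh"]
        expected_weak = weak["python-installer.sh"]
        results["genuine_sha256"] = verify_file(good_path, expected_strong)
        results["tampered_sha256"] = verify_file(bad_path, expected_strong)
        results["genuine_md5_default"] = verify_file(good_path, expected_weak)
        results["genuine_md5_allowed"] = verify_file(good_path, expected_weak, allow_weak=True)
    return results


if __name__ == "__main__":
    for name, (ok, reason) in demo().items():
        print(f"{name:22s} {'OK ' if ok else 'FAIL'} {reason}")
```

The verifier hashes the file it is given rather than trusting any digest that travelled with it, which is the point of the thread: the published SHA-256 on python.org stays useful against a substituted installer only because a matching second file cannot be constructed, whereas an MD5 entry gives Alice no such guarantee and is therefore refused unless she opts in.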