On Tue, Jun 3, 2008 at 9:30 AM, Jameson Chema Quinn <[EMAIL PROTECTED]> wrote:
> On formats, I agree in principle. But as your own email points out, there
> are already two different signature formats invented for the XO, because of
> specifics about what is to be signed. If these do not work for my needs, I
> do not see why I should not invent another.

Exactly because we already have two, we should avoid having *three*! It would be better to patch one of these so we only have *one*. (And what are the two formats you are referring to?)

> The OpenPGP attack you mention has to do with encryption, not signatures.

Please read page 25 of ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf. Although there is (yet) no practical attack, it (like MD5) is not recommended for new applications.

> I did look at JAR files, and decided that their format lacked some desirable
> features. They are based on md5 hashes, which are close to broken; they do

You are wrong.
http://java.sun.com/j2se/1.3/docs/guide/jar/jar.html#Digital%20Signatures

> not allow for granting privileges to secondary keys, which means that

You can have any number of .SF signature files, signing any combination of the contents.

> user; they interact poorly with differential versioning storage; and they do

They in fact interact quite well. See http://wiki.laptop.org/go/XO_updater#Application_updater

> not allow for unsigned content in a signed bundle, which makes localization

I do not believe this to be the case.

> more of a pain. Any one of those problems I could have lived with, the three
> together seem to me like a good enough reason for changing a format. And

And in the absence of any of the three?

> The contents manifest specification does not fit my needs either.

I'll let this pass, for now, but I explicitly designed it to fit both the OS and activity update case, so I find this statement puzzling. I think what you mean is, "it does not solve *all* my problems for me", and this is because it is not designed to. It is just one part of a solution. But I prefer the JAR file format for activities anyway, so I don't think it's worth belaboring this.

--scott

--
( http://cscott.net/ )

