Subject: Re: [boost] Providing means to verify integrity and authenticity for releases
From: Tom Kent (lists_at_[hidden])
Date: 2016-03-16 07:36:47
On Tue, Mar 15, 2016 at 2:31 AM, Vladimir Prus <vladimir.prus_at_[hidden]>
> Hi Tom,
> On 3/15/2016 5:34 AM, Tom Kent wrote:
> I would really like to see the core release team adopt a similar procedure
>> in their release. This would only take a few steps:
> > 1. Switch from md5 sums to a secure hash, such as SHA-256.
> You make it sounds as if the use of md5 checksums is a huge problem, but I
> think that for release checking we only care about second-preimage
> resistance, and there's no remotely practical attack on md5 still.
> Of course, sha2 is better and just as easy to compute.
Very true, but A) why not? B) this might not be the case ten years from
now, and some developer may want to use an old archive.
> 2. Sign these sums with a secure PGP/GPG key.
>> 3. Publish this signed file with the sums alongside the downloads.
> This is indeed not very hard to do, but do you think many people will
> go to the trouble of:
> - Getting PGP key of a release manager and verifying that
> - Checking signature of the sums file
> - Checking the checksum proper
> Maybe detached GPG signature of release binary itself will be a tad
> more convenient?
No, I don't think many people at all will care one iota about this, I would
expect less than 1%. However, of that 1% that might care at all, I would
expect 90% of those would just care that they got a valid download and want
to check the sums, only that final 10% of the 1% would want to verify the
signature. Because of this, I think it is better to have a separate sums
file....but I would be completely happy with either solution.