gnu-arch-users

Re: [Gnu-arch-users] (fairly minor) SECURITY ISSUE


From: Brian May
Subject: Re: [Gnu-arch-users] (fairly minor) SECURITY ISSUE
Date: Thu, 22 Jan 2004 12:22:20 +1100
User-agent: Gnus/5.1002 (Gnus v5.10.2) Emacs/21.3 (gnu/linux)

>>>>> "Tom" == Tom Lord <address@hidden> writes:

    >> I think we should take this opportunity to switch to detached
    >> signatures.  [....] The advantages of this are that it doesn't
    >> require parsing the checksum file, and also we can have
    >> multiple people sign a single revision (just add more
    >> signatures in sigs/).

[...]

    Tom> Anyway: What is the semantic significance of multiply signed
    Tom> revisions and why doesn't that functionality belong
    Tom> elsewhere?  The purpose of signatures in arch is to help to
    Tom> preserve archive integrity.  Period.

Regardless of how you feel about multiple signatures, etc., I think
Colin's proposal for detached signatures is a good idea.

It means GPG will verify that the file contents are the same, and
there is no way somebody can insert extra data before or after the
real data.

Sure, you can add checks to make sure that there is no data before or
after the GPG signed data, but wouldn't it be a lot simpler, and more
flexible just to use detached signatures?
-- 
Brian May <address@hidden>
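
The check mentioned in the message above (rejecting any data before or after the GPG-signed block of a cleartext-signed file), as an added example that is not part of the original message or of arch's code. It assumes a hypothetical checksum line format `<md5-hex> <filename>` and that the signature itself is verified separately with gpg; the sample file, file name and placeholder signature are constructed.

```python
import re

BEGIN_MSG = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"
END_SIG = "-----END PGP SIGNATURE-----"
# Hypothetical checksum line format "<md5-hex> <filename>" (assumed for this example).
CHECKSUM = re.compile(r"^([0-9a-f]{32}) (\S+)$")

def parse_checksums(lines):
    """Map filename -> digest for every line that looks like a checksum."""
    return {m.group(2): m.group(1) for m in map(CHECKSUM.match, lines) if m}

def naive_checksums(text):
    """Unsafe: trusts every line in the file, whether it was signed or not."""
    return parse_checksums(text.splitlines())

def strict_checksums(text):
    """Read only the signed region and reject anything outside the armor."""
    lines = text.splitlines()
    if (not lines or lines[0] != BEGIN_MSG or lines[-1] != END_SIG
            or lines.count(BEGIN_MSG) != 1 or lines.count(BEGIN_SIG) != 1
            or lines.count(END_SIG) != 1):
        raise ValueError("data outside the signed block or malformed armor")
    sig_start = lines.index(BEGIN_SIG)
    try:
        # The first blank line ends the "Hash:" armor headers.
        body_start = lines.index("", 1, sig_start) + 1
    except ValueError:
        raise ValueError("missing blank line after armor headers")
    # Undo dash-escaping ("- " prefix) that cleartext signing applies to text lines.
    body = [l[2:] if l.startswith("- ") else l for l in lines[body_start:sig_start]]
    return parse_checksums(body)

# Constructed sample; the signature body is a placeholder, not a real signature.
SIGNED = "\n".join([
    BEGIN_MSG, "Hash: SHA1", "",
    "0123456789abcdef0123456789abcdef patch-1.tar.gz",
    BEGIN_SIG, "", "PLACEHOLDER", END_SIG, ""])
# The same file with one unsigned line appended after the signature block.
TAMPERED = SIGNED + "ffffffffffffffffffffffffffffffff patch-1.tar.gz\n"
```

With a detached signature the signed object is the whole checksum file, so none of this framing logic is needed.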



