But at the risk of repeating the obvious, I will paraphrase Phil Zimmermann's PGP READMEs: it is only as safe as the computers hosting the signing and checking code. If an attacker trojaned your local GnuPG binary or tampered with your public keyring, he could get false signatures past you.
This is just as true for the md5sum or sha1 binary on your system! You don't really "lose" anything. If the attacker can replace these binaries that means he has root locally on your system. This also means he can replace your kernel, insert modules, play around with memory, etc, etc. Once an attacker gets root on a system (unless that system is severely secured) the game is over and it is time to reinstall from trusted media. I am much more worried about someone running a mirror site and that site getting compromised (like ftp.win.tue.nl), the attacker trojans the files and md5sums on the remote site, users download and everything appears ok. With GnuPG that would not be possible, the attacker would have to break into the SuSE machine used to sign packages. I assume this machine is NOT online, i.e. they have removable media such as a jaz drive to move the data, meaning any attack would have to be physical (which really reduces the number of people capable of carrying it out).
And the trusted SuSE private key (using SuSE as an example) may be shared among a number of employees, and it may even be used for automatic code signing (eugh!). It would just take one of them to allow their private keyring to be stolen - and until they notice and get an announcement to you - you are vulnerable to man-in-the-middle attacks.
"may be shared". And SuSE might install a default root password we can't remove. What the heck is your point? Now you're making things up and talking out your ass. Can we stick to facts instead of making them up?
BTW IMHO the key doesn't need to be on the CD to be trusted. The SuSE key fingerprint is in chapter 18 of the manual. If you get a paper manual it is reasonably independent of the Internet.
GnuPG key distribution is a *LOT* easier, you only have to do it once, correctly. You can reinforce it by having the key on your website, attached to emails, etc. Doing md5sum/sha1 distribution is an impossible task (you need a separate secure channel for it, etc, etc).
dproc
-Kurt