Mailinglist Archive: opensuse-buildservice (140 mails)

Re: [opensuse-buildservice] adding checksums to the buildinfo
  • From: Pascal Bleser <pascal.bleser@xxxxxxxxxxxx>
  • Date: Tue, 17 Jul 2012 17:52:23 +0200
  • Message-id: <20120717155223.GG5757@hera>
On 2012-07-17 17:43:40 (+0200), Robert Schiele <rschiele@xxxxxxxxx> wrote:
> On Tue, Jul 17, 2012 at 5:38 PM, Pascal Bleser
> <pascal.bleser@xxxxxxxxxxxx> wrote:
>> (don't use MD5, it's insecure and can relatively easily be
>> hacked with collisions, use SHA instead ;))
>
> While this is basically true MD5 is used in OBS all over the place and
> thus for consistency and code reuse reasons it might still make sense
> to go with that. It should also be noted that the intent of the MD5
> sum in Marcus' proposal is not to add a layer of security for
> malicious attacks (that you better prevent by verifying RPM signatures
> and SSL certificates for the connection (when using https)) but to use
> it as a simple checksum mechanism to detect technical transmission
> issues.

Alright, I understood "integrity" as in "security" too ;)

And "while this is basically true" is always a risky statement,
so let's make this very clear: MD5. IS. INSECURE. period.

Unless you have legacy code and don't use it for security, and
you are fine with someone manipulating the content unless you
have another source of authentication, never, ever use MD5
again.

As long as it is very clear to everyone that MD5 hashes can be
manipulated (quite easily, actually), then it's fine, but just
don't confuse it for an authoritative source :)

But indeed, in this case, the X.509 of the HTTPS connection
already provides an authenticity verification (as long as those
are indeed verified, including on the hostname).

cheers
--
-o) Pascal Bleser
/\\ http://opensuse.org -- we haz green
_\_v http://fosdem.org -- we haz conf
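
The distinction drawn in this thread, checksum for transmission errors versus an authoritative source, as an added example that is not part of the original mail or of OBS. The payload, the key and all function names are constructed assumptions; the HMAC-SHA256 tag only stands in for the separate authentication the thread mentions (RPM signatures, verified HTTPS).

```python
import hashlib
import hmac

# Constructed sample data; nothing here comes from OBS or the buildinfo format.
PAYLOAD = b"constructed sample package payload v1.0\n"
KEY = b"constructed-demo-key"  # assumption: stands in for a separate trust anchor


def md5_hex(data: bytes) -> str:
    # usedforsecurity=False marks this as an error-detection checksum only.
    return hashlib.md5(data, usedforsecurity=False).hexdigest()


def auth_tag(data: bytes, key: bytes = KEY) -> str:
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def checksum_ok(data: bytes, published_md5: str) -> bool:
    return hmac.compare_digest(md5_hex(data), published_md5)


def authentic(data: bytes, published_tag: str, key: bytes = KEY) -> bool:
    return hmac.compare_digest(auth_tag(data, key), published_tag)


def flip_bit(data: bytes, index: int) -> bytes:
    out = bytearray(data)
    out[index] ^= 0x01
    return bytes(out)


def scenarios() -> dict:
    """Return {case: (checksum_ok, authentic)} for three delivery cases."""
    published_md5, published_tag = md5_hex(PAYLOAD), auth_tag(PAYLOAD)
    results = {"intact": (checksum_ok(PAYLOAD, published_md5),
                          authentic(PAYLOAD, published_tag))}
    # Transmission error: payload damaged in transit, metadata unchanged.
    damaged = flip_bit(PAYLOAD, 5)
    results["transmission_error"] = (checksum_ok(damaged, published_md5),
                                     authentic(damaged, published_tag))
    # Content and checksum arrive from the same unauthenticated channel, so
    # both can differ from what was published; no MD5 collision is involved.
    replaced = b"constructed replacement payload\n"
    results["replaced_with_checksum"] = (checksum_ok(replaced, md5_hex(replaced)),
                                         authentic(replaced, published_tag))
    return results


if __name__ == "__main__":
    for case, (chk, auth) in scenarios().items():
        print(f"{case:24s} checksum_ok={chk!s:5s} authentic={auth}")
```

The third case passes the checksum and fails only the keyed check, which is why the checksum alone is useful for transmission issues but not as proof of origin.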