Subject: Re: signed binary pkgs [was: Re: BPG call for use cases]
To: Hubert Feyrer <>
From: Curt Sampson <>
List: tech-pkg
Date: 07/22/2005 19:03:26
On Fri, 22 Jul 2005, Hubert Feyrer wrote:

> In the process of creating the +CONTENTS file from the PLIST (in pkg_create) 
> we calculate MD5 checksums of all files right now, so that may be a possible 
> point to add that signing.

We should be using better hashes than MD5, these days. But yes, possibly
just signing the +CONTENTS file would do the trick. On the other hand,
it might be nice to have a generic way of signing archives--I've put in
a use case for that.

> I think there's a difference if you sign every file in an archive, or the 
> archive as a whole, and as such I'm not sure this approach is good enough.

Well, let's do a security analysis of it. It would be nice to avoid
having to ship around two separate files all the time.

Curt Sampson  <>   +81 90 7737 2974
      Make up enjoying your city life...produced by BIC CAMERA