Subject: Re: signed binary pkgs [was: Re: BPG call for use cases]
To: Hubert Feyrer <email@example.com>
From: Curt Sampson <firstname.lastname@example.org>
Date: 07/22/2005 19:03:26
On Fri, 22 Jul 2005, Hubert Feyrer wrote:
> In the process of creating the +CONTENTS file from the PLIST (in pkg_create)
> we calculate MD5 checksums of all files right now, so that may be a possible
> point to add that signing.
We should be using better hashes than MD5, these days. But yes, possibly
just signing the +CONTENTS file would do the trick. On the other hand,
it might be nice to have a generic way of signing archives--I've put in
a use case for that.
> I think there's a difference if you sign every file in an archive, or the
> archive as a whole, and as such I'm not sure this approach is good enough.
Well, let's do a security analysis of it. It would be nice to avoid
having to ship around two separate files all the time.
Curt Sampson <email@example.com> +81 90 7737 2974 http://www.NetBSD.org
Make up enjoying your city life...produced by BIC CAMERA