Date: Wed, 31 Jan 2007 05:20:32 +1100 From: Peter Jeremy <peterjeremy@optushome.com.au> To: Gabor Kovesdan <gabor@freebsd.org> Cc: cvs-ports@freebsd.org, cvs-all@freebsd.org, ports-committers@freebsd.org Subject: Re: cvs commit: ports/audio/gnump3d Makefile distinfo ports/devel/bglibs Makefile ports/devel/cppi Makefile ports/devel/cvsd Makefile ports/dns/walker Makefile distinfo ports/ftp/lftp Makefile distinfo ports/ftp/twoftpd Makefile ... Message-ID: <20070130182032.GD892@turion.vk2pj.dyndns.org> In-Reply-To: <200701291905.l0TJ57fG093002@repoman.freebsd.org> References: <200701291905.l0TJ57fG093002@repoman.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--B4IIlcmfBL/1gGOG Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, 2007-Jan-29 19:05:07 +0000, Gabor Kovesdan wrote: > Remove USE_GPG from all effected ports. This sounds like it could have been useful. FreeBSD is currently sorely missing a good general authentication mechanism (though cperciva@ is doing his best to create bits of one). > was supposed to work is useless, because if we can't trust the distfile = =66rom > the remote machine, we can't trust the signature from the same machine e= ither. This isn't true. If you have a known good public key, then you can trust the signature (and hence the distfile), even if both are downloaded from crackers-r-us. The whole point of digital signatures is that you can obtain information from an untrusted source (eg the Internet) and be able to determine if it was has been tampered with. > Our MD5 and SHA256 are good for checking both the sanity and the > trustiness of distfiles. Except that the MD5 and SHA256 checksums can't be totally trusted. There are a variety of MITM attacks which could allow someone to alter checksums stored on an end-user hosts. I think it's unfortunate that the security team was not involved in this decision. --=20 Peter Jeremy --B4IIlcmfBL/1gGOG Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (FreeBSD) iD8DBQFFv4xw/opHv/APuIcRArlLAJwNlWitRdjt/C9/1MXEouPJ09PTNQCgwdPH jpCV4XQxDtuWIpV6YxGbQ3I= =yujR -----END PGP SIGNATURE----- --B4IIlcmfBL/1gGOG--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070130182032.GD892>