| … | |
… | |
| 25 | <tbody valign="top"> |
25 | <tbody valign="top"> |
| 26 | <tr class="field"><th class="field-name">GLEP:</th><td class="field-body">59</td> |
26 | <tr class="field"><th class="field-name">GLEP:</th><td class="field-body">59</td> |
| 27 | </tr> |
27 | </tr> |
| 28 | <tr class="field"><th class="field-name">Title:</th><td class="field-body">Manifest2 hash policies and security implications</td> |
28 | <tr class="field"><th class="field-name">Title:</th><td class="field-body">Manifest2 hash policies and security implications</td> |
| 29 | </tr> |
29 | </tr> |
| 30 | <tr class="field"><th class="field-name">Version:</th><td class="field-body">1.5</td> |
30 | <tr class="field"><th class="field-name">Version:</th><td class="field-body">1.6</td> |
| 31 | </tr> |
31 | </tr> |
| 32 | <tr class="field"><th class="field-name">Last-Modified:</th><td class="field-body"><a class="reference external" href="http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/proj/en/glep/glep-0059.txt?cvsroot=gentoo">2010/01/31 07:55:45</a></td> |
32 | <tr class="field"><th class="field-name">Last-Modified:</th><td class="field-body"><a class="reference external" href="http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/proj/en/glep/glep-0059.txt?cvsroot=gentoo">2010/01/31 09:55:43</a></td> |
| 33 | </tr> |
33 | </tr> |
| 34 | <tr class="field"><th class="field-name">Author:</th><td class="field-body">Robin Hugh Johnson <robbat2 at gentoo.org>,</td> |
34 | <tr class="field"><th class="field-name">Author:</th><td class="field-body">Robin Hugh Johnson <robbat2 at gentoo.org>,</td> |
| 35 | </tr> |
35 | </tr> |
| 36 | <tr class="field"><th class="field-name">Status:</th><td class="field-body">Draft</td> |
36 | <tr class="field"><th class="field-name">Status:</th><td class="field-body">Draft</td> |
| 37 | </tr> |
37 | </tr> |
| … | |
… | |
| 83 | <h1><a class="toc-backref" href="#id2">Motivation</a></h1> |
83 | <h1><a class="toc-backref" href="#id2">Motivation</a></h1> |
| 84 | <p>This GLEP is being written as part of the work on signing the Portage |
84 | <p>This GLEP is being written as part of the work on signing the Portage |
| 85 | tree, but is only tangentially related to the actual signing of |
85 | tree, but is only tangentially related to the actual signing of |
| 86 | Manifests. Checksums present one possible weak point in the overall |
86 | Manifests. Checksums present one possible weak point in the overall |
| 87 | security of the tree - and a comprehensive security plan is needed.</p> |
87 | security of the tree - and a comprehensive security plan is needed.</p> |
|
|
88 | <p>This GLEP is not mandatory for the tree-signing specification, but |
|
|
89 | instead aims to improve the security of the hashes used in Manifest2. |
|
|
90 | As such, it is also able to stand on it's own.</p> |
| 88 | </div> |
91 | </div> |
| 89 | <div class="section" id="specification"> |
92 | <div class="section" id="specification"> |
| 90 | <h1><a class="toc-backref" href="#id3">Specification</a></h1> |
93 | <h1><a class="toc-backref" href="#id3">Specification</a></h1> |
| 91 | <div class="section" id="the-bad-news"> |
94 | <div class="section" id="the-bad-news"> |
| 92 | <h2><a class="toc-backref" href="#id4">The bad news</a></h2> |
95 | <h2><a class="toc-backref" href="#id4">The bad news</a></h2> |
| … | |
… | |
| 151 | defeated.</p> |
154 | defeated.</p> |
| 152 | <p>As soon as feasible, we should add the SHA512 and WHIRLPOOL algorithms. |
155 | <p>As soon as feasible, we should add the SHA512 and WHIRLPOOL algorithms. |
| 153 | In future, as stream-based checksums are developed (in response to the |
156 | In future, as stream-based checksums are developed (in response to the |
| 154 | development by NIST [AHS]), they should be considered and used.</p> |
157 | development by NIST [AHS]), they should be considered and used.</p> |
| 155 | <p>The SHA512 algorithm is available in Python 2.5, which has been a |
158 | <p>The SHA512 algorithm is available in Python 2.5, which has been a |
| 156 | dependency of Portage since approximately Python 2.1.6.13.</p> |
159 | dependency of Portage since approximately Portage 2.1.6.13.</p> |
| 157 | <p>The WHIRLPOOL checksum is not available within the PyCrypto library or |
160 | <p>The WHIRLPOOL checksum is not available within the PyCrypto library or |
| 158 | hashlib that is part of Python 2.5, but there are multiple alternative |
161 | hashlib that is part of Python 2.5, but there are multiple alternative |
| 159 | Python implementations available, ranging from pure Python to C-based |
162 | Python implementations available, ranging from pure Python to C-based |
| 160 | (python-mhash).</p> |
163 | (python-mhash).</p> |
| 161 | <p>The existence unsupported hash is not considered to be a failure unless |
164 | <p>The existence unsupported hash is not considered to be a failure unless |
| … | |
… | |
| 177 | </div> |
180 | </div> |
| 178 | <div class="section" id="backwards-compatibility"> |
181 | <div class="section" id="backwards-compatibility"> |
| 179 | <h1><a class="toc-backref" href="#id9">Backwards Compatibility</a></h1> |
182 | <h1><a class="toc-backref" href="#id9">Backwards Compatibility</a></h1> |
| 180 | <p>Old versions of Portage may support and expect only specific checksums. |
183 | <p>Old versions of Portage may support and expect only specific checksums. |
| 181 | This is accounted for in the checksum depreciation discussion.</p> |
184 | This is accounted for in the checksum depreciation discussion.</p> |
|
|
185 | <p>For maximum compatiability, we should only have to include each of the |
|
|
186 | old algorithms that we are officially still supporting, as well as the |
|
|
187 | new ones that we prefer.</p> |
| 182 | </div> |
188 | </div> |
| 183 | <div class="section" id="references"> |
189 | <div class="section" id="references"> |
| 184 | <h1><a class="toc-backref" href="#id10">References</a></h1> |
190 | <h1><a class="toc-backref" href="#id10">References</a></h1> |
| 185 | <dl class="docutils"> |
191 | <dl class="docutils"> |
| 186 | <dt>[AHS] NIST (2007). "NIST's Plan for New Cryptographic Hash Functions",</dt> |
192 | <dt>[AHS] NIST (2007). "NIST's Plan for New Cryptographic Hash Functions",</dt> |
| … | |
… | |
| 242 | |
248 | |
| 243 | </div> |
249 | </div> |
| 244 | <div class="footer"> |
250 | <div class="footer"> |
| 245 | <hr class="footer" /> |
251 | <hr class="footer" /> |
| 246 | <a class="reference external" href="glep-0059.txt">View document source</a>. |
252 | <a class="reference external" href="glep-0059.txt">View document source</a>. |
| 247 | Generated on: 2010-01-31 07:55 UTC. |
253 | Generated on: 2010-02-02 05:44 UTC. |
| 248 | Generated by <a class="reference external" href="http://docutils.sourceforge.net/">Docutils</a> from <a class="reference external" href="http://docutils.sourceforge.net/rst.html">reStructuredText</a> source. |
254 | Generated by <a class="reference external" href="http://docutils.sourceforge.net/">Docutils</a> from <a class="reference external" href="http://docutils.sourceforge.net/rst.html">reStructuredText</a> source. |
| 249 | |
255 | |
| 250 | </div> |
256 | </div> |
| 251 | </body> |
257 | </body> |
| 252 | </html> |
258 | </html> |
Parent Directory
| 
Revision Log
| 
Patch