/[gentoo]/xml/htdocs/proj/en/glep/glep-0059.txt
Gentoo

Diff of /xml/htdocs/proj/en/glep/glep-0059.txt

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.5 Revision 1.7
1GLEP: 59 1GLEP: 59
2Title: Manifest2 hash policies and security implications 2Title: Manifest2 hash policies and security implications
3Version: $Revision: 1.5 $ 3Version: $Revision: 1.7 $
4Last-Modified: $Date: 2010/01/31 07:55:45 $ 4Last-Modified: $Date: 2010/02/02 05:49:27 $
5Author: Robin Hugh Johnson <robbat2@gentoo.org>, 5Author: Robin Hugh Johnson <robbat2@gentoo.org>,
6Status: Draft 6Status: Draft
7Type: Standards Track 7Type: Standards Track
8Content-Type: text/x-rst 8Content-Type: text/x-rst
9Requires: 44 9Requires: 44
24========== 24==========
25This GLEP is being written as part of the work on signing the Portage 25This GLEP is being written as part of the work on signing the Portage
26tree, but is only tangentially related to the actual signing of 26tree, but is only tangentially related to the actual signing of
27Manifests. Checksums present one possible weak point in the overall 27Manifests. Checksums present one possible weak point in the overall
28security of the tree - and a comprehensive security plan is needed. 28security of the tree - and a comprehensive security plan is needed.
29
30This GLEP is not mandatory for the tree-signing specification, but
31instead aims to improve the security of the hashes used in Manifest2.
32As such, it is also able to stand on it's own.
29 33
30Specification 34Specification
31============= 35=============
32The bad news 36The bad news
33------------ 37------------
99As soon as feasible, we should add the SHA512 and WHIRLPOOL algorithms. 103As soon as feasible, we should add the SHA512 and WHIRLPOOL algorithms.
100In future, as stream-based checksums are developed (in response to the 104In future, as stream-based checksums are developed (in response to the
101development by NIST [AHS]), they should be considered and used. 105development by NIST [AHS]), they should be considered and used.
102 106
103The SHA512 algorithm is available in Python 2.5, which has been a 107The SHA512 algorithm is available in Python 2.5, which has been a
104dependency of Portage since approximately Python 2.1.6.13. 108dependency of Portage since approximately Portage 2.1.6.13.
105 109
106The WHIRLPOOL checksum is not available within the PyCrypto library or 110The WHIRLPOOL checksum is not available within the PyCrypto library or
107hashlib that is part of Python 2.5, but there are multiple alternative 111hashlib that is part of Python 2.5, but there are multiple alternative
108Python implementations available, ranging from pure Python to C-based 112Python implementations available, ranging from pure Python to C-based
109(python-mhash). 113(python-mhash).
128 132
129Backwards Compatibility 133Backwards Compatibility
130======================= 134=======================
131Old versions of Portage may support and expect only specific checksums. 135Old versions of Portage may support and expect only specific checksums.
132This is accounted for in the checksum depreciation discussion. 136This is accounted for in the checksum depreciation discussion.
137
138For maximum compatiability, we should only have to include each of the
139old algorithms that we are officially still supporting, as well as the
140new ones that we prefer.
133 141
134References 142References
135========== 143==========
136 144
137[AHS] NIST (2007). "NIST's Plan for New Cryptographic Hash Functions", 145[AHS] NIST (2007). "NIST's Plan for New Cryptographic Hash Functions",

Legend:
Removed from v.1.5  
changed lines
  Added in v.1.7

  ViewVC Help
Powered by ViewVC 1.1.20