From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 24A0D1396D9 for ; Wed, 25 Oct 2017 17:43:34 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id AA7F3E0D12; Wed, 25 Oct 2017 17:43:26 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 49362E0BF4 for ; Wed, 25 Oct 2017 17:43:26 +0000 (UTC) Received: from phjr-macbookpro.local (unknown [188.121.0.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: phajdan.jr) by smtp.gentoo.org (Postfix) with ESMTPSA id 9A0F733BEC7 for ; Wed, 25 Oct 2017 17:43:24 +0000 (UTC) Subject: Re: [gentoo-dev] Manifest2 hashes, take n+1-th: one hash to decide them all To: gentoo-dev@lists.gentoo.org References: <1508440120.19870.14.camel@gentoo.org> <26AE424C-19DF-4059-A7DE-8ED6D605FF2C@gentoo.org> <1508817879.1688.6.camel@gentoo.org> <1508818272.1688.7.camel@gentoo.org> <73ce6032-2c65-676c-cf5c-233810555df5@gentoo.org> <1508851547.25623.0.camel@gentoo.org> <64bba51d-5ba1-c1cc-44e7-68df468669e7@allanwegan.de> <20171025143204.0ebe00b4@pc1> From: =?UTF-8?Q?Pawe=c5=82_Hajdan=2c_Jr.?= Message-ID: <0c7b9f9f-1e8b-5291-d60f-a76ca8889ddb@gentoo.org> Date: Wed, 25 Oct 2017 19:43:15 +0200 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 In-Reply-To: <20171025143204.0ebe00b4@pc1> Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="BismbgVHRW38t4Kq8IQ8Okm7RMStqSVc5" X-Archives-Salt: 73ad2298-a023-42fc-a34c-dc571bf8aa4e X-Archives-Hash: 43f6ab2ebb80677a12dddf0f7126c669 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --BismbgVHRW38t4Kq8IQ8Okm7RMStqSVc5 Content-Type: multipart/mixed; boundary="TbtUkJ6JCCeEh3aB3QFJEGQeqBxoPG7C3"; protected-headers="v1" From: =?UTF-8?Q?Pawe=c5=82_Hajdan=2c_Jr.?= To: gentoo-dev@lists.gentoo.org Message-ID: <0c7b9f9f-1e8b-5291-d60f-a76ca8889ddb@gentoo.org> Subject: Re: [gentoo-dev] Manifest2 hashes, take n+1-th: one hash to decide them all References: <1508440120.19870.14.camel@gentoo.org> <26AE424C-19DF-4059-A7DE-8ED6D605FF2C@gentoo.org> <1508817879.1688.6.camel@gentoo.org> <1508818272.1688.7.camel@gentoo.org> <73ce6032-2c65-676c-cf5c-233810555df5@gentoo.org> <1508851547.25623.0.camel@gentoo.org> <64bba51d-5ba1-c1cc-44e7-68df468669e7@allanwegan.de> <20171025143204.0ebe00b4@pc1> In-Reply-To: <20171025143204.0ebe00b4@pc1> --TbtUkJ6JCCeEh3aB3QFJEGQeqBxoPG7C3 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 25/10/2017 14:32, Hanno B=C3=B6ck wrote: > Good security includes reducing complexity. Tough (as evident by this > thread) it's a thought many people find hard to accept. > > This thread is going into a completely different direction and I find > that worriesome. We have two non-problems ("what if secure hash X gets > broken?" and "what if it's too slow? I haven't benchmarked, but what if= > it's too slow??") and people proposing increasingly complex solutions. >=20 > If you do what you propose my worries aren't that any hash gets broken > or that it's too slow. It's that some bug will chime in where in some > situation no hash gets checked whatsoever. +1 I consider the multiple hashes we have a part of providing smooth migration path (keeping around hashes supported by older portage versions). Other than that, yeah, watch out for complexity. Pawe=C5=82 --TbtUkJ6JCCeEh3aB3QFJEGQeqBxoPG7C3-- --BismbgVHRW38t4Kq8IQ8Okm7RMStqSVc5 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2 iQIcBAEBCgAGBQJZ8M04AAoJEOOGGXc/wLdaxGgP/0MX8StoSdJrb9/YFs7gW8JG YBYdodJM0UJpPc86Fwwpzp7uFbLChL8x2T9WaVfQ5cQoyhFkpx+tEtisjTmHTFnJ +WXSbfhKbrdcgnaVx1a2yJ/PIMBxRJZqc74B84ROLz1t/Qbd/48mkuIIp53suyCZ azMKxajmEQ7S35HZSuwRijx0NN5cBRS6nmSwhwIwuAwR/lWUco052DnLX7xehtrj yk1OmJ4PF964bLVN8ElkN9BPfZg6qGKWXqa0ppyOElEARFTD+hlSEnPWZsebCAOC d+fUgKdSGTqkQMdokt6TwQ+0P67uodQOYp/YFVjIi4WSGqzJvbwVzZ1wy5qXk4kb 3+h7oGcTo7VPQcgV2RL8PD71RPHYLC6igmn3+O77PR/qjFoVJ8I2H10O1ioLQNE3 lSxXrQUEVhSNSJr1xTSCcDxdIliloH9BiL3btEA+rO+RpnXZfTPsRHBHFLI0dc6/ VdwsP+DjFuyrDA1HVjTr0663O9cnwvBzwV4blRj/Qk64ciFBtGP9ai7TDdTkoHkH 6wTGJ7HfAnpdGpM298X5FhrpQg2/qCXSxInZ2WZ2QRSLlW3qrWzB6VcwObeHPd9+ OJa1n9+Kh1fjDfFp/OWOfj5kJV92zu96fFAan9zKfWkCPK007GrhzZg2wIp9TPAZ q07XaEVcj9C9Kyr0PYp0 =j2BH -----END PGP SIGNATURE----- --BismbgVHRW38t4Kq8IQ8Okm7RMStqSVc5--