From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 73932139694 for ; Mon, 3 Apr 2017 17:49:29 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 2CB5FE0D0E; Mon, 3 Apr 2017 17:49:21 +0000 (UTC) Received: from forward3o.cmail.yandex.net (forward3o.cmail.yandex.net [IPv6:2a02:6b8:0:1a72::288]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id BDA93E0C04 for ; Mon, 3 Apr 2017 17:49:20 +0000 (UTC) Received: from smtp3j.mail.yandex.net (smtp3j.mail.yandex.net [95.108.130.68]) by forward3o.cmail.yandex.net (Yandex) with ESMTP id 7102320BFF for ; Mon, 3 Apr 2017 20:49:18 +0300 (MSK) Received: from smtp3j.mail.yandex.net (localhost.localdomain [127.0.0.1]) by smtp3j.mail.yandex.net (Yandex) with ESMTP id 450E26240449 for ; Mon, 3 Apr 2017 20:49:17 +0300 (MSK) Received: by smtp3j.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id YRcRKkovN3-nHZ4nqSe; Mon, 03 Apr 2017 20:49:17 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client certificate not present) X-Yandex-Suid-Status: 1 0 From: "Vadim A. Misbakh-Soloviov" To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] [RFC] New Manifest hashes and how to enable them Date: Tue, 04 Apr 2017 00:49:16 +0700 Message-ID: <2335055.1A3ajG4IdB@note> In-Reply-To: <878tnhflos.fsf@kestrel.kyomu.43-1.org> References: <1491239350.1978.1.camel@gentoo.org> <878tnhflos.fsf@kestrel.kyomu.43-1.org> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="UTF-8" X-Archives-Salt: 4cac2a60-e720-43d0-9347-fb9b373806ad X-Archives-Hash: 347ca49ca36e864695182c60cd3de12b > What is the gain of using a secure hash > algorithm in the manifests if you can simply replace the manifest with a > MITM attack on the rsync update? I'd say "the solution is to stop using rsync and use git" (there is git mirror with all the metadata), but... Git does not support (correct me, if I'm wrong) resuming a fetch in case of fails (bad connection, slow connection, or the any other reason to stop it and continue later). So... We either need GPG manifest signing enabled, or totally move to git and ignore all the users with bad internet connection and totally move portage to git (hint: we shouldn't), until we invent something else, that can solve all of that problems.