[Catalog-sig] repository security concerns

[Martin v. Loewis]

Stuart Bishop <zen@shangri-la.dropbear.id.au> writes:

> It would be perfectly valid to reveal the SHA-1 hash
> of a file, so that a client can confirm the validity
> of a file *with a different mirror* to avoid using a
> corrupt version. This would reduce attack points to
> the master server that allows uploading of new files.

Having the public key of the uploader on a different mirror achieves
the same trust.

Regards,
Martin