[Catalog-sig] repository security concerns
Martin v. Loewis
martin@v.loewis.de
14 Mar 2002 08:28:48 +0100
Stuart Bishop <zen@shangri-la.dropbear.id.au> writes:
> It would be perfectly valid to reveal the SHA-1 hash
> of a file, so that a client can confirm the validity
> of a file *with a different mirror* to avoid using a
> corrupt version. This would reduce attack points to
> the master server that allows uploading of new files.
Having the public key of the uploader on a different mirror achieves
the same trust.
Regards,
Martin