[Catalog-sig] getting the public key when --sign is used

Daniel Holth dholth at gmail.com
Tue Nov 20 00:14:28 CET 2012

On Nov 19, 2012, at 6:08 PM, martin at v.loewis.de wrote:

> Zitat von Daniel Holth <dholth at gmail.com>:
>> I can't create two colliding uploads, uploading the first (harmless version) to pypi and then tricking someone into mirroring the second (harmful) version? The system is not designed to protect the uploaded contents at all?
> It *is* designed to protect the uploaded contents, but not against the
> uploader. Instead, it protects against some mirror operator replacing
> a mirrored file, or some attacker taking over a mirror.
> If you assume that the package author is malicious, adding SHA hashes
> would not help at all. The package author can just upload a new version,
> and get it mirrored to all copies (including the master), and nothing
> in the mirroring protocol prevents that new version from containing
> a trojan horse. All hashes would be intact and fine, and the mirror
> be consistent with the master.
>> So why not start using sha256?
> It's not that simple. Backwards compatibility needs to be considered.
> Feel free to write specifications and patches.
> And please stop making FUD claims.
> Regards,
> Martin

Ok. We aren't protecting against the uploader. My real complaint is only that md5 hasn't been a recommended primitive since 1998.

I will see about that patch. Pip at least understands #sha256=...

More information about the Catalog-SIG mailing list