[Pythonmac-SIG] Package Manager idea, adding a URL scheme
Jack.Jansen at cwi.nl
Fri Oct 3 11:03:13 EDT 2003
On Friday, October 3, 2003, at 01:13 PM, Bob Ippolito wrote:
>> Sorry, I wasn't clear enough. There is no such thing as a central
>> list of trusted packages.
>> Your database would have an IntegrityCheck of
>> The integrity check succeeding would only mean that the database the
>> user has on-disk is
>> indeed the exact same database as what you created, and by trusting
>> the database the
>> end-user trusts you (or, actually, as you pointed out elsewhere, the
>> end user trusts you and
>> your webhoster).
> I don't understand how this could possibly be useful for a database
> that changes often. You need a public key algorithm, not a hashing
The whole point of the exercise with md5 sums and using your browser
for secure http access is
to work around the fact that we have no public key algorithm in
If you know of one that has a license that is Python-compatible *and*
you can convince
Guido to incorporate it into Python 2.4: great! I'd gladly use it in
> So let's put a public key algorithm into Python and do it the right
> way. md5 is not going to do what you want it to do. md5 can only
> verify that a file is very probably exactly the same as what it was
> when the hash was created, it doesn't tell you it was created by a
> trusted source.
On its own, no. But combined with another algorithm that allows a
trusted source to
advertise (in a secure way) the md5sums of all relevant documents s/he
it does. If you really want I could write it down in
(or whatever the people involved were again).
Or, to elaborate on the steps again (taking you as an example):
1. You change your pimp database.
2. You take the md5sum of it, let's say it's 12345 (but with many more
3. You create a secure document
saying "I, Bob Ippolito, created this packman database. Use at your
4. You don't ever delete this file, even when updating the database.
5. You now upload the database to
6. My mum downloads your database through packman, and presses the
6. She is presented with a dialog
You can now use your internet browser to test that this database was
actually created by %s. Check that the padlock is closed (if it is
open there is a very good chance that this is a forged database). If
you get a message about an untrusted certificate this is also a sign
of a forgery. Finally check that the URL starts with https: and points
to the website of %s.
Note that all these checks only mean that this database has not been
with since it was created. Whether you trust %s remains wholly up
Jack Jansen, <Jack.Jansen at cwi.nl>, http://www.cwi.nl/~jack
If I can't dance I don't want to be part of your revolution -- Emma
More information about the Pythonmac-SIG