| 1 |
On Mon, Sep 15, 2014 at 6:11 PM, Gordon Pettey <petteyg359@×××××.com> wrote: |
| 2 |
> |
| 3 |
> Even if you wanted to burn the money to find that magical collision that |
| 4 |
> actually contains working code, you've still got to somehow propagate that |
| 5 |
> to other repositories, since they'll just ignore it for having the same hash |
| 6 |
> as an already-existing object. |
| 7 |
> |
| 8 |
|
| 9 |
Well, if you're willing to trust that nobody is able to tamper with |
| 10 |
repositories, then you don't need gpg signatures in the first place. |
| 11 |
|
| 12 |
I think that gpg signatures protected by an SHA1 hash provide fairly |
| 13 |
little security - a chain is as strong as its weakest link and sha1 |
| 14 |
has been considered fairly weak for years now. |
| 15 |
|
| 16 |
However, I think it does make sense to at least get gpg into the |
| 17 |
workflow in the hopes that some day git will move to a stronger hash, |
| 18 |
and since it isn't a huge hardship to do so. |
| 19 |
|
| 20 |
I wouldn't make too light of the use of SHA1 though. As you point out |
| 21 |
simply exploiting it isn't enough, but the whole reason for having |
| 22 |
signatures is to make an attack on a central repository useless. |
| 23 |
Having gpg on top of ssh keys and all that is obviously redundant, but |
| 24 |
that is the whole point of it. |
| 25 |
|
| 26 |
-- |
| 27 |
Rich |
Archives