<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Thu, Apr 4, 2013 at 12:04 AM, Glyph <span dir="ltr"><<a href="mailto:glyph@twistedmatrix.com" target="_blank">glyph@twistedmatrix.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Security-wise, signing an actually-secure hash is not that much different than signing the tarballs themselves. Signing MD5 hashes, on the other hand, is useless as a security measure.<br>
<br>
I think we should carry on with signing the list of signatures for now, and just upgrade the hash algorithm. Baby steps. Perhaps there are some theoretical benefits that come from signing the whole binary blob, but that's a much bigger change for a much smaller benefit.<br>
</blockquote><div><br></div><div>In fact, I believe there is no such thing as "signing the whole binary blob". When you use something like gpg --sign, what is actually signed with a public key signature algorithm is a hash of the content anyway. Thus, assuming you use the same hash algorithm as you would have instructed gpg to use (I think the default is SHA512 these days), there isn't any real difference between signing the content directly, and signing a hash of the content.<br>
</div></div>-- <br>mithrandi, i Ainil en-Balandor, a faer Ambar
</div></div>