[Twisted-Python] Release questions

Laurens Van Houtven _ at lvh.cc
Thu Apr 4 20:32:51 EDT 2013


On Thu, Apr 4, 2013 at 8:15 PM, Tristan Seligmann
<mithrandi at mithrandi.net> wrote:

> In fact, I believe there is no such thing as "signing the whole binary
> blob". When you use something like gpg --sign, what is actually signed with
> a public key signature algorithm is a hash of the content anyway. Thus,
> assuming you use the same hash algorithm as you would have instructed gpg
> to use (I think the default is SHA512 these days), there isn't any real
> difference between signing the content directly, and signing a hash of the
> content.
>
>
While you technically could sign the entire thing, yes, that is how (at
least DSA) works.

DSA, by default, used SHA-1; recent revisions support SHA-2. A few years
ago, GnuPG and several big users including Debian and Apache started
suggesting the move to RSA instead of DSA keys. The algorithms vary a bit
in speed and signature size, but the main reason was to allow newer hash
functions.

That said, I'm pretty sure GPG uses a newer revision of DSA: when I left
the defaults untouched near the end of 2012, it still seemed to prefer
DSA/ElGamal despite the news from a few years ago. IIRC, the first version
of the algorithm only allowed 1024 bit keys, whereas my DSA key is 3072.

Here's how you check what you support and in which preference:

===== SNIPPET FOLLOWS =====

~ ❯ gpg --edit-key E6D6AAAE
gpg (GnuPG) 1.4.13; Copyright (C) 2012 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

pub  3072D/E6D6AAAE  created: 2012-10-14  expires: 2016-10-14  usage: SCA
                     trust: ultimate      validity: ultimate
sub  3072g/7EF5843E  created: 2012-10-14  expires: 2016-10-14  usage: E
[ultimate] (1). Laurens Van Houtven <_ at lvh.io>
[ultimate] (2)  Laurens Van Houtven <lvh at twistedmatrix.com>
[ultimate] (3)  Laurens Van Houtven <_ at lvh.cc>

gpg> showpref
[ultimate] (1). Laurens Van Houtven <_ at lvh.io>
     Cipher: AES256, AES192, AES, CAST5, 3DES, IDEA
     Digest: SHA256, SHA1, SHA384, SHA512, SHA224
     Compression: ZLIB, BZIP2, ZIP, Uncompressed
     Features: MDC, Keyserver no-modify
[ultimate] (2)  Laurens Van Houtven <lvh at twistedmatrix.com>
     Cipher: AES256, AES192, AES, CAST5, 3DES
     Digest: SHA256, SHA1, SHA384, SHA512, SHA224
     Compression: ZLIB, BZIP2, ZIP, Uncompressed
     Features: MDC, Keyserver no-modify
[ultimate] (3)  Laurens Van Houtven <_ at lvh.cc>
     Cipher: AES256, AES192, AES, CAST5, 3DES, IDEA
     Digest: SHA256, SHA1, SHA384, SHA512, SHA224
     Compression: ZLIB, BZIP2, ZIP, Uncompressed
     Features: MDC, Keyserver no-modify

gpg>

===== SNIPPET ENDS =====

As you can see, the preferred hash is SHA-256. That's, as far as we know,
perfectly secure right now; IIUC the only reason SHA-512 isn't the default
is backwards compatibility. PGP (the proprietary version) and gpg have both
supported SHA-256 for *years and years* (and SHA-512 for years too, just
not as many of the years ;-))

Assuming your key is recent (but please check with showpref as I
demonstrated above), there isn't a problem with signing shasum files.

cheers
lvh
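
The showpref check described in the message above, as an added example that is not part of the original post: it parses a saved showpref listing and reports the first-listed digest for each user ID, flagging MD5 or SHA1 in first place. The sample text is constructed from the listing in the message plus one hypothetical legacy entry; the function names and the WEAK set are assumptions of this example.

```python
import re

# Constructed sample: two user IDs from the showpref listing in the message,
# plus one hypothetical legacy entry (not from the original post).
SAMPLE = """\
[ultimate] (1). Laurens Van Houtven <_ at lvh.io>
     Cipher: AES256, AES192, AES, CAST5, 3DES, IDEA
     Digest: SHA256, SHA1, SHA384, SHA512, SHA224
     Compression: ZLIB, BZIP2, ZIP, Uncompressed
     Features: MDC, Keyserver no-modify
[ultimate] (2)  Laurens Van Houtven <lvh at twistedmatrix.com>
     Cipher: AES256, AES192, AES, CAST5, 3DES
     Digest: SHA256, SHA1, SHA384, SHA512, SHA224
[ unknown] (3)  Legacy Example <legacy at example.invalid>
     Digest: SHA1, SHA256
"""

# Assumption of this example: digests we do not want listed first.
WEAK = {"MD5", "SHA1"}
# A user ID line looks like "[validity] (n). Name <address>".
UID_RE = re.compile(r"^\[\s*\w+\s*\]\s+\((\d+)\)\.?\s+(.*)$")

def digest_prefs(text):
    """Return {user ID: [digests in listed order]} from showpref output."""
    prefs, uid = {}, None
    for line in text.splitlines():
        m = UID_RE.match(line)
        if m:
            uid = m.group(2).strip()
            prefs[uid] = []
        elif uid and line.strip().startswith("Digest:"):
            names = line.split(":", 1)[1].split(",")
            prefs[uid] = [n.strip().upper() for n in names if n.strip()]
    return prefs

def audit(text):
    """Return (user ID, first digest, problem) tuples; problem is None if fine."""
    report = []
    for uid, digests in digest_prefs(text).items():
        if not digests:
            report.append((uid, None, "no digest preferences listed"))
        elif digests[0] in WEAK:
            report.append((uid, digests[0], "weak digest listed first"))
        else:
            report.append((uid, digests[0], None))
    return report

if __name__ == "__main__":
    for uid, preferred, problem in audit(SAMPLE):
        print(f"{uid}: {preferred} -> {problem or 'ok'}")
```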