recent discussion regarding 'checksums'

Benjamin R. Haskell rsync at benizi.com
Tue Sep 28 21:20:59 MDT 2010


On Tue, 28 Sep 2010, Matt McCutchen wrote:

> On Mon, 2010-09-27 at 22:33 -0400, Benjamin R. Haskell wrote:
>> But the flip side is that rsync is not a security tool.  MD5 is fine 
>> for rsync for the same reason SHA-1 (which, as with all hashes, will 
>> eventually be "broken") is fine for git:
>
> This gets a little off topic, but I /do/ want git to use a 
> collision-resistant hash function.  I would like to be able to fetch 
> from others without giving them a free pass to poison my repository. 
> I believe that was the original intended semantic of the "fetch" 
> operation; it's only now eroding as SHA-1 gets studied.  But the risk 
> isn't great enough to goad me into action yet.

Shoot.  I left out the link that was the whole point: it's Linus 
explaining why SHA-1 is fine (because security happens at a higher 
level):

http://kerneltrap.org/mailarchive/git/2006/8/28/211065

(Boils down to the two points I paraphrased -- but the upshot is that 
hash collision != free pass to poison)

-- 
Best,
Ben

