On Tue, Aug 3, 2021 at 8:40 AM Simon Josefsson <si...@josefsson.org> wrote:
> Jim Meyering <j...@meyering.net> writes:
>
> > Feel free to make the script generate a full fingerprint and even
> > (though it feels a little like giving up) add a checksum or two.
>
> I think checksums still serve a purpose.
>
> Many announcement e-mails are OpenPGP signed (and sometimes with a
> different key than the release tarballs, thus creating another way to
> verify tarballs).
>
> Checksums also make it harder to replace the tarball on the server with
> a fake (or, after a key compromise, a genuine) signature.
>
> I don't think it is an either-or situation, but rather a
> belt-and-suspender case.  Ideally, people downloading a release should

Agreed.

> verify both the signature (to know it comes from a trusted origin) and
> checksum (to know it is the intended release, in case multiple signed
> versions co-exist).
>
> The patches below make the maintainer-makefile announcements contain
> SHA1 and B64(SHA256) checksums by default.  The MD5 checksums are
> dropped; they are completely insecure now.  The B64(SHA256) output is
> inspired by OpenSSH, which started this practice with release 6.5 in 2014
> and still today prints similar outputs, see:
>
> https://www.openssh.com/txt/release-6.5
> https://www.openssh.com/txt/release-8.6
>
> Unfortunately, 'sha256sum' can't verify these outputs, but I recall
> earlier discussions around 'sha256sum --base64' so I will resume work on
> that.
>
> We could opt to simply use the "standard" sha256sum output instead, if
> people here don't like the base64 output format.

Thanks, Simon!  I too am all for B64-formatted checksums.
You may want to coordinate with Pádraig.  I think he is planning a
unification of the checksum-generating tools.

Your patches look fine.  One nit: please drop the "Please" here :-)

+      print "\nPlease note that the SHA256 checksum is base64 encoded and not\n";
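The checksum side of the verification Simon describes above, as an added shell example that is not part of this thread and not gnulib's maintainer-makefile code: it produces the hex SHA1 and the OpenSSH-style B64(SHA256) of a tarball, and checks both against an announcement. Because 'sha256sum' prints and checks hex only, the base64 form is obtained by re-encoding the raw digest bytes (via openssl, or perl as a fallback). The announcement layout it parses (one "<digest>  <tarball>" line per digest) and the sample "tarball" (just the bytes "hello\n", not a real archive) are constructed for this example and are not taken from the patches discussed here.

```shell
#!/bin/sh
# Added example, not code from the thread or from gnulib: compute and
# check the SHA1 and OpenSSH-style B64(SHA256) checksums of a release
# tarball against an announcement.  sha256sum prints hex only, so the
# base64 form is produced by re-encoding the raw digest bytes.

# Hex SHA1 of FILE, as sha1sum prints it (40 hex chars).
hex_sha1() {
  sha1sum "$1" | cut -d' ' -f1
}

# Base64 SHA256 of FILE (44 chars, '=' padded), the form OpenSSH release
# notes use.  Prefers openssl's raw digest; falls back to unpacking
# sha256sum's hex with perl.
b64_sha256() {
  if command -v openssl >/dev/null 2>&1; then
    openssl dgst -sha256 -binary "$1" | base64 | tr -d '\n'
  else
    sha256sum "$1" | cut -d' ' -f1 | perl -ne 'chomp; print pack "H*", $_' \
      | base64 | tr -d '\n'
  fi
}

# Emit the two checksum lines an announcement would carry for TARBALL.
# Assumed layout (constructed for this example): "<digest>  <basename>".
announce_checksums() {
  name=${1##*/}
  printf '  %s  %s\n' "$(hex_sha1 "$1")" "$name"
  printf '  %s  %s\n' "$(b64_sha256 "$1")" "$name"
}

# Check TARBALL against ANNOUNCE.  Returns 0 only when both the SHA1 and
# the B64(SHA256) lines are present for that file name and both match;
# 1 on a mismatch, 2 when the announcement carries no checksums for it.
# Digests are told apart by length: 40 = hex SHA1, 44 = base64 SHA256.
verify_release() {
  ann=$1 tarball=$2
  name=${tarball##*/}
  want_sha1='' want_b64=''
  while read -r digest file; do
    [ "$file" = "$name" ] || continue
    case ${#digest} in
      40) want_sha1=$digest ;;
      44) want_b64=$digest ;;
    esac
  done < "$ann"
  if [ -z "$want_sha1" ] || [ -z "$want_b64" ]; then
    echo "$name: announcement lacks SHA1 and/or SHA256 checksum" >&2
    return 2
  fi
  if [ "$(hex_sha1 "$tarball")" != "$want_sha1" ]; then
    echo "$name: SHA1 mismatch" >&2
    return 1
  fi
  if [ "$(b64_sha256 "$tarball")" != "$want_b64" ]; then
    echo "$name: SHA256 mismatch" >&2
    return 1
  fi
  echo "$name: SHA1 and B64(SHA256) match the announcement"
}

# Build a scratch directory holding a fake "tarball" (constructed input:
# just the bytes "hello\n", not a real archive) and a matching
# announcement, and print the directory name.
setup_demo() {
  d=$(mktemp -d)
  printf 'hello\n' > "$d/foo-1.0.tar.gz"
  {
    echo 'Here are the SHA1 and SHA256 checksums:'
    echo
    announce_checksums "$d/foo-1.0.tar.gz"
  } > "$d/ANNOUNCE"
  echo "$d"
}

main() {
  d=$(setup_demo)
  verify_release "$d/ANNOUNCE" "$d/foo-1.0.tar.gz"
  # Simulate the tarball being swapped on the server after the announcement.
  printf 'not the announced bytes\n' > "$d/foo-1.0.tar.gz"
  if verify_release "$d/ANNOUNCE" "$d/foo-1.0.tar.gz" 2>/dev/null; then
    echo 'BUG: swapped tarball accepted' >&2
    rm -rf "$d"
    return 1
  fi
  rm -rf "$d"
}

main
```

This covers only the checksum half of the belt-and-suspenders check; the signature half (for example `gpg --verify foo-1.0.tar.gz.sig foo-1.0.tar.gz` against the maintainer's key) is a separate step, and the script deliberately refuses a tarball whose announcement lists only one of the two digests rather than accepting a partial match.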