Checksum enforcement, banning MD5? #833
Comments
|
You seem to imply that the |
|
Based on my understanding of ocaml/opam#3320 and https://opam.ocaml.org/blog/Signing-the-opam-repository/), MD5 should indeed be deprecated.
Now, that's not enough — but instead of trusting everybody on the Internet, you only have to trust the maintainers/authors of the opam repo in question, and GitHub; attacks remain possible but much less likely. |
|
I guess it is up to the opam lint utility to complain, and to the opam admin one to let us update all pks in one go. When they decide to really deprecate, we can just follow their lead. |
|
I still think we should try to be ahead of the |
|
One proposed solution to manage trust package cryptographically (also mentioned in ocaml/opam#3320) is conex, which essentially handles signing of packages by authors. This might be more feasible to implement for the Coq OPAM repo than the general one... |
Since MD5 is known to not be collision resistant, and has been described as "cryptographically broken and unsuitable for further use", I think it's time we actively phase out MD5 for archive checksums. Most directly, we should refuse to merge new packages with any form of MD5 checksum.
I propose that we recommend SHA512 checksums, since they are faster to check on 64-bit processors, while being cryptographically at least as strong as SHA256 checksums. However, I think we should still allow SHA256 checksums.
The text was updated successfully, but these errors were encountered: