A note on vendor reaction speed to the e=3 problem

Travis H. solinym at gmail.com
Mon Sep 25 01:03:34 EDT 2006


On 9/15/06, Taral <taralx at gmail.com> wrote:
> *That* is the Right Way To Do It. If there are variable parts (like
> hash OID, perhaps), parse them out, then regenerate the signature data
> and compare it byte-for-byte with the decrypted signature.

You know, this sort of reminds me of a problem with signatures on tar.gz files.
Basically, you have to keep them around so you can check the signature,
but you can't delete them because you can't reconstruct the original tar file
from an untarred copy because it's full of metadata that won't necessarily
be replicated on your system.  For example, uids and gids.  Unfortunately,
cpio appears to be worse.  From a tape backup standpoint, tar doesn't
store enough (extended attributes, hard links, etc.) and so it appears to
store both too much and too little at once.

It would be nice if there was a format other than shar which was deterministic
and only contained the contents of the files; no metadata.  Then we could sign
the code and nothing else.  From a security point of view, shar has obvious
problems :-)  Anyone know of a relevant tool?
-- 
Enhance your calm, brother; it's just ones and zeroes.
Unix "guru" for rent or hire -><- http://www.lightconsulting.com/~travis/
GPG fingerprint: 9D3F 395A DAC5 5CCC 9066  151D 0A6B 4098 0C55 1484

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list