On Friday, Oct 3, 2003, at 04:50 America/New_York, Jack Jansen wrote:

>
> On Friday, October 3, 2003, at 12:37 AM, Bob Ippolito wrote:
>>> But we should definitely allow for some sort of public key scheme to
>>> be used. I've been toying with the idea of using the secure http of
>>> your browser, something like a "check integrity" button that would
>>> take the MD5 sum of the database, get an entry IntegrityCheck from
>>> the database (of the form
>>> "https://www.python.org/pimp/integrity/%s.html")
>>> fill in the md5sum and send your browser there. Probably the user
>>> should get a dialog first (from pimp) explaining how to check the
>>> integrity (look at the padlock) and what it means (you're only
>>> trusting the fact that whoever maintains the website also created
>>> this pimp database).
>>
>> I already purchased a GeoTrust (browsers trust this CA by default)
>> SSL certificate for pythonmac.org with this purpose in mind. I'm not
>> big on the MD5 sums of databases thing, I think that it should be
>> done with signatures, a la GPG. That way the author could update the
>> database, without python.org updating its, because the public key is
>> the same.
>
> Sorry, I wasn't clear enough. There is no such thing as a central list
> of trusted packages.
> Your database would have an IntegrityCheck of
> <https://undefined.org/pimp/integrity/%s.html>.
> The integrity check succeeding would only mean that the database the
> user has on-disk is indeed the exact same database as what you
> created, and by trusting the database the end-user trusts you (or,
> actually, as you pointed out elsewhere, the end user trusts you and
> your webhoster).

I don't understand how this could possibly be useful for a database that changes often. You need a public key algorithm, not a hashing algorithm.

> As md5 is included in the standard Python distribution, and it's good
> enough for testing document integrity I see no reason to use
> something more elaborate. A PGP signature would allow offline
> verification, but the idea is that the https: integrity check URL
> handles that bit.

So let's put a public key algorithm into Python and do it the right way. md5 is not going to do what you want it to do. md5 can only verify that a file is very probably exactly the same as what it was when the hash was created, it doesn't tell you it was created by a trusted source. I don't want to implement a crappy solution just because Python doesn't come with particular functionality, functionality that would be useful on its own. I mean, we *are* already adding functionality to Python, there's no reason we shouldn't be able to add the other bits to facilitate this.

-bob
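The difference argued in this message, as an added example that is not part of the original post or of pimp: a published-digest check has to be updated for every database revision, while a signature verifies any revision against one unchanged public key. The toy RSA key, the sample databases and all function names are assumptions constructed for illustration.

```python
import hashlib

# Toy RSA key from two known Mersenne primes so the block needs only the
# standard library. Constructed for illustration: the factors are public and
# the RSA is unpadded, so use a vetted signature library for real databases.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                  # public key, shipped once with the client
D = pow(E, -1, (P - 1) * (Q - 1))    # private key, held by the maintainer

def md5_hex(db: bytes) -> str:
    return hashlib.md5(db).hexdigest()

def _digest(db: bytes) -> int:
    return int.from_bytes(hashlib.sha256(db).digest(), "big")

def sign(db: bytes) -> int:
    """Maintainer side: sign the SHA-256 digest of the database."""
    return pow(_digest(db), D, N)

def verify(db: bytes, sig: int) -> bool:
    """Client side: needs only the unchanged public key (N, E)."""
    return pow(sig, E, N) == _digest(db)

# Constructed sample data: two legitimate revisions and one altered copy.
DB_V1 = b"pimp-db rev 1: foo-1.0"
DB_V2 = b"pimp-db rev 2: foo-1.0 bar-2.1"
ALTERED = DB_V2.replace(b"bar-2.1", b"bar-9.9")

def compare() -> dict:
    # Digest scheme: the site lists the MD5 of each revision it has published.
    published = {md5_hex(DB_V1)}
    sig_v1, sig_v2 = sign(DB_V1), sign(DB_V2)
    return {
        # A new legitimate revision fails until the site is updated as well.
        "md5_accepts_v2_before_site_update": md5_hex(DB_V2) in published,
        # One public key verifies every revision the maintainer signs...
        "sig_accepts_v1": verify(DB_V1, sig_v1),
        "sig_accepts_v2": verify(DB_V2, sig_v2),
        # ...and rejects content the maintainer never signed.
        "sig_accepts_altered": verify(ALTERED, sig_v2),
    }

if __name__ == "__main__":
    for name, result in compare().items():
        print(f"{name}: {result}")
```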