Differences between revisions 1 and 10 (spanning 9 versions)
Revision 1 as of 2015-10-12 11:27:19
Size: 847
Editor: PaulWise
Comment: SHA-1
Revision 10 as of 2017-04-22 04:07:07
Size: 2116
Editor: PaulWise
Comment: pages got renamed
Deletions are marked like this. Additions are marked like this.
Line 2: Line 2:

<<TableOfContents()>>
Line 13: Line 15:
[[Teams/Apt/Sha1Removal|Various external repositories rely on them]].
Line 23: Line 27:
= OpenSSH =

There is a [[DebianBug:774711|request]] to use stronger ciphers, including dropping some SHA-1 based ones.
Line 26: Line 34:

= Already done =

== APT meta-data ==

The APT meta-data produced by dak includes SHA-2 by default.

APT does not trust SHA1 checksums starting with 1.2.7, and MD5 since 1.1. This does not yet affect the GPG signature of the Release file, though; which is validated by GPG.

== OpenPGP ==

GnuPG version ??? uses SHA-2 for signatures by default.

= Possible actions =

== Version control ==

Engage git upstream discussion to come up with a new repository format.

== APT meta-data ==

Add SHA-2 support to all the [[DebianRepository/FeatureSupport|repository tools]] that support the [[DebianRepository/Format|APT repository format]].

== OpenPGP ==

Work on OpenPGP 5 which will not use SHA-1 fingerprints.

GnuPG could warn when using SHA-1 for signatures.

GnuPG could filter out SHA-1 signatures for verification purposes.

Have the [[DebianRepository/FeatureSupport|repository tools]] reject .changes and .dsc signatures that use SHA-1.

dgit could reject OpenPGP-signed pushes that use SHA-1 signatures.

SHA-1 is getting weaker (mainly collision resistance) so we need to start exploring where we use SHA-1 in Debian and how we need to phase it out.

Version control

git

git uses SHA-1 for commit identifiers.

APT meta-data

APT repositories use SHA-1 and MD5 as hashes in addition to SHA-2.

Various external repositories rely on them.

OpenPGP

OpenPGP uses SHA-1 for fingerprints but they are not vulnerable to attacks on collision resistance so this isn't a concern.

Some of our developer or role keys probably use SHA-1 self-sigs or sigs.

TLS certificates

The SPI CA, the Debian CA and the few service certs signed by it are SHA-1.

OpenSSH

There is a request to use stronger ciphers, including dropping some SHA-1 based ones.

Snapshot

The snapshot.d.o data storage is based on SHA-1. Same for the derivatives census, which is based on snapshot.

Already done

APT meta-data

The APT meta-data produced by dak includes SHA-2 by default.

APT does not trust SHA1 checksums starting with 1.2.7, and MD5 since 1.1. This does not yet affect the GPG signature of the Release file, though; which is validated by GPG.

OpenPGP

GnuPG version ??? uses SHA-2 for signatures by default.

Possible actions

Version control

Engage git upstream discussion to come up with a new repository format.

APT meta-data

Add SHA-2 support to all the repository tools that support the APT repository format.

OpenPGP

Work on OpenPGP 5 which will not use SHA-1 fingerprints.

GnuPG could warn when using SHA-1 for signatures.

GnuPG could filter out SHA-1 signatures for verification purposes.

Have the repository tools reject .changes and .dsc signatures that use SHA-1.

dgit could reject OpenPGP-signed pushes that use SHA-1 signatures.