From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | "Marc G(dot) Fournier" <scrappy(at)hub(dot)org> |
Cc: | Neil Conway <neilc(at)samurai(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: PGP signing releases |
Date: | 2003-02-03 05:38:07 |
Message-ID: | 5207.1044250687@sss.pgh.pa.us |
Lists: | pgsql-hackers |

"Marc G. Fournier" <scrappy(at)hub(dot)org> writes:
> On Sun, 2 Feb 2003, Neil Conway wrote:
>> - ensuring that end users can trust PostgreSQL is an important part to
>> getting the product used in mission-critical applications, as I'm sure
>> you all know. Part of that is producing good software; another part is
>> ensuring that users can trust that the software we put out hasn't been
>> tampered with.

> right, that is why we started to provide md5 checksums ...

The md5 checksum is useful as a cross-check that you've got a clean
copy, but it doesn't prove that the copy on the FTP site hasn't been
tampered with. Someone who's managed to break into the FTP server
could replace the tarball with a trojaned version *and* alter the md5
file to match. The point of a PGP signature is that only someone who
has the corresponding secret key could make a signature file that
matches the tarball and the public key.

regards, tom lane
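The scenario described in the message above, as an added example that is not part of the original email: a server holding both the tarball and its md5 file is modified by an intruder, and the md5 check still passes while a signature check fails. A Lamport one-time signature built from SHA-256 stands in for PGP so the block runs on the Python standard library alone; the tarball bytes, the `server` dictionary and all function names are constructed for illustration.

```python
import hashlib
import secrets

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()

def keygen():
    # Lamport one-time key: 256 pairs of secrets; the public key is their hashes.
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def digest_bits(data: bytes):
    d = int.from_bytes(H(data), "big")
    return [(d >> i) & 1 for i in range(256)]

def sign(sk, data: bytes):
    # Reveal one secret per digest bit; impossible without the secret key.
    return [pair[b] for pair, b in zip(sk, digest_bits(data))]

def verify(pk, data: bytes, sig) -> bool:
    return len(sig) == 256 and all(
        H(s) == pair[b] for s, pair, b in zip(sig, pk, digest_bits(data)))

def md5_check(server) -> bool:
    # Compares the tarball against a checksum file stored on the same server.
    return md5_hex(server["tarball"]) == server["md5"]

def sig_check(server, pk) -> bool:
    # Assumption: pk reached the user by a channel other than this server.
    return verify(pk, server["tarball"], server["sig"])

def demo():
    sk, pk = keygen()  # sk is never stored on the download server
    tarball = b"constructed release tarball bytes"
    server = {"tarball": tarball, "md5": md5_hex(tarball), "sig": sign(sk, tarball)}
    clean = (md5_check(server), sig_check(server, pk))
    # Someone with write access replaces the tarball and regenerates the md5
    # file, but cannot produce a matching signature without sk.
    server["tarball"] = b"constructed tampered tarball bytes"
    server["md5"] = md5_hex(server["tarball"])
    tampered = (md5_check(server), sig_check(server, pk))
    return clean, tampered

if __name__ == "__main__":
    print(demo())
```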