It was a nail-biter of a vote, but MD5 removal has passed 29 to 0 with
a secondary vote for immediate removal without deprecation of 29 to 1.
https://wiki.php.net/rfc/release-md5-deprecation
I've pushed two commits to remove MD5 from www.php.net and qa.php.net,
however it should be noted that I left a fair amount of md5 in web-php
because very old releases have neither GPG signatures nor SHA256
checksums, and while MD5 is weak and broken, it's better than nothing.
-Sara
https://github.com/php/web-php/commit/7018747e6f57316591f138614cf311901f76e844
https://github.com/php/web-qa/commit/808942b865e355f16c727dc2050c4ec9ef832f9a
2017-06-28 4:19 GMT+02:00 Sara Golemon pollita@php.net:
It was a nail-biter of a vote, but MD5 removal has passed 29 to 0 with
a secondary vote for immediate removal without deprecation of 29 to 1.
https://wiki.php.net/rfc/release-md5-deprecation
I've pushed two commits to remove MD5 from www.php.net and qa.php.net,
however it should be noted that I left a fair amount of md5 in web-php
because very old releases have neither GPG signatures nor SHA256
checksums, and while MD5 is weak and broken, it's better than nothing.
Can't we just rehash them?
Regards, Niklas
2017-06-28 4:19 GMT+02:00 Sara Golemon pollita@php.net:
I've pushed two commits to remove MD5 from www.php.net and qa.php.net,
however it should be noted that I left a fair amount of md5 in web-php
because very old releases have neither GPG signatures nor SHA256
checksums, and while MD5 is weak and broken, it's better than nothing.
Can't we just rehash them?
If we agree that we trust the existing binaries haven't been
compromised at any point, sure. But at that point we'd be saying
"Here's a trustable sha256/gpg signature for a file" when really it's
"Here's a signature that's only really as trustable as the md5 we used
to verify it when we rehashed".
In the interest of not presenting a false sense of security, I'd vote
"No" on that. Our past few years of releases are more reliably
signed, and we can be honest about what's in the attic.
That all said, it wouldn't be a terrible idea to anchor some gpg sigs
of the old archives (in an explicitly flagged repo) just to be able to
say "They haven't changed since Jun 2017".
-Sara
2017-06-28 4:19 GMT+02:00 Sara Golemon pollita@php.net:
I've pushed two commits to remove MD5 from www.php.net and qa.php.net,
however it should be noted that I left a fair amount of md5 in web-php
because very old releases have neither GPG signatures nor SHA256
checksums, and while MD5 is weak and broken, it's better than nothing.
Can't we just rehash them?
If we agree that we trust the existing binaries haven't been
compromised at any point, sure. But at that point we'd be saying
"Here's a trustable sha256/gpg signature for a file" when really it's
"Here's a signature that's only really as trustable as the md5 we used
to verify it when we rehashed".
In the interest of not presenting a false sense of security, I'd vote
"No" on that. Our past few years of releases are more reliably
signed, and we can be honest about what's in the attic.
That all said, it wouldn't be a terrible idea to anchor some gpg sigs
of the old archives (in an explicitly flagged repo) just to be able to
say "They haven't changed since Jun 2017".
The counter argument is "They haven't changed since 2017" is better than
they might have changed yesterday... Especially in a couple years. Or when
things don't get hacked and we want to verify them. They all have published
vulnerabilities so for anyone who cares to look at them that should be good
enough. You could leave the md5 to distinguish them.
That or if we don't trust them enough to sign them, remove them because
we're never going to trust them more than we do today.
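
Added example (not part of the thread, and not PHP project code): one way to record the "haven't changed since" anchor discussed above while stating what each SHA256 was checked against, so a rehash is not presented as stronger than the MD5 behind it. The function names, file names and checksums are constructed for illustration.

```python
import hashlib

def build_anchor(archives, published_md5, anchored_on):
    """Record a SHA256 per legacy archive plus the basis on which it was trusted.

    archives: {name: bytes}; published_md5: {name: hex MD5 from the old listing}.
    """
    entries = {}
    for name, data in sorted(archives.items()):
        expected = published_md5.get(name)
        if expected is None:
            basis = "unverified"      # nothing to compare against at all
        elif hashlib.md5(data).hexdigest() == expected.lower():
            basis = "md5-only"        # matches, but only as strong as MD5
        else:
            basis = "md5-mismatch"    # do not anchor silently; investigate
        entries[name] = {
            "sha256": hashlib.sha256(data).hexdigest(),
            "basis": basis,
            "anchored_on": anchored_on,
        }
    return entries

def render(entries):
    """Text form that could be given a detached GPG signature in a flagged repo."""
    lines = ["# SHA256 records file state on the anchor date only.",
             "# 'basis' is what the file was checked against before anchoring."]
    for name, e in entries.items():
        lines.append(f"{e['sha256']}  {name}  basis={e['basis']}  anchored={e['anchored_on']}")
    return "\n".join(lines) + "\n"

def changed_since_anchor(entries, archives):
    """Names whose bytes are missing or no longer match the anchored SHA256."""
    return sorted(
        name for name, e in entries.items()
        if name not in archives
        or hashlib.sha256(archives[name]).hexdigest() != e["sha256"]
    )

# Constructed sample data (not real PHP releases or real checksums).
SAMPLE = {"legacy-a.tar.gz": b"constructed archive A",
          "legacy-b.tar.gz": b"constructed archive B",
          "legacy-c.tar.gz": b"constructed archive C"}
SAMPLE_MD5 = {"legacy-a.tar.gz": hashlib.md5(SAMPLE["legacy-a.tar.gz"]).hexdigest(),
              "legacy-b.tar.gz": "0" * 32}  # deliberately wrong; legacy-c has none

if __name__ == "__main__":
    anchor = build_anchor(SAMPLE, SAMPLE_MD5, "2017-06-28")
    print(render(anchor), end="")
    later = {**SAMPLE, "legacy-a.tar.gz": b"modified later"}
    print("changed:", changed_since_anchor(anchor, later))
```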