From: Vincent Fong (vfong@hklpg.com)
Date: Tue Nov 07 2000 - 05:31:17 EST
Hi all,
I'm a new comer from Hong Kong, many of my directory link from
rpm2html.conf is different from the RDF directory structure. I guess I
obtained an old rpm2html.conf file. Is there anyway that I can obtain a
new one?
Thanks
vfong
Peter Hanecak wrote:
>
> On Tue, 7 Nov 2000, Daniel Veillard wrote:
>
> > Well it seems clear that keeping a small pool of "latest resolved
> > signature" may seriously help performance wise since all the packages from
> > a given diftribution, if signed, are likely to use the same set of keys.
> > I hope taht maintaining a small LRU cache is possible (I can add this
> > part).
>
> Well, signature is not same as key. While yes, same key can be used to
> sign a lot of packages, every package should have different
> (uniq) signature, because signature is based on hash of package content,
> which is uniq (we are not hosting say hundreds or tousands same RPM
> packages are we?). So if we have say 1000 different packages in archive,
> we get 1000 different signatures in LRU signature cache if we implement
> it. In short: similar situation to MD5 checksum (for two uniq files it is
> more probable we get same MD5 checksum than same SHA (or other) hash which
> is base for PGP/GPG signature).
>
> Regadles whether we use same or different keys to sign two different
> files, if we get two same signatures, we have prove, that PGP/GPG signing
> is usseless and/or have hole.
>
> So, if we want to verify signature of package B, it does not help us, that
> package A is signed with same key and we alredy verified it. (Except for
> PGP/GPG when using keyserver has alredy fetched the key).
>
> All above is based on my current understanding of hash algorithms,
> cryptography and signing. And while I'm not expert I can be wrong.
>
> Peter
>
> --
> ===================================================================
> Peter Hanecak <hanecak@megaloman.com>
> GPG pub.key: http://www.megaloman.com/gpg/hanecak-megaloman.txt
> ===================================================================
This archive was generated by hypermail 2b29 : Thu May 10 2001 - 18:40:13 EDT