Date: Tue, 31 Mar 2015 21:29:51 +0200
From: Corinna Vinschen
To: cygwin AT cygwin DOT com
Subject: Re: [PATCH] Add FAQ entry on how Cygwin counters man-in-the-middle (MITM) attacks
Message-ID: <20150331192951.GA23523@calimero.vinschen.de>

On Mar 31 14:08, David A. Wheeler wrote:
> Signed-off-by: David A. Wheeler

Ugh!  *Short* patches are ok for the cygwin mailing list.  Short being
a handful of lines, not entire novels.  Novels go to cygwin-patches,
please :)

Other than that, patch looks almost ok.  I only scanned it for now since
it's late in the day for me.  One nit:

> +
> +Up through 2015 Cygwin used the MD5 algorithm for cryptographic hashes.
> +Cygwin used both MD5 and length checks, which makes some attacks harder
> +than if Cygwin used only MD5,
> +but MD5 is no longer considered a secure cryptographic hash algorithm.
> +The 2015-02-06 update of the setup program
> +added support for the SHA-512 cryptographic hash algorithm for
> +sigining the setup.ini package list, as described in
> +.
> +The announcement also noted that there will be a switch to SHA-512
> +checksums in the setup.ini files.

The switch has been performed 2015-03-23.

I'll read it more thoroughly tomorrow.

Thanks,
Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat
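
Review bot: "sigining" in the added line "+sigining the setup.ini package list" is a typo for "signing". In the same paragraph, "Up through 2015 Cygwin used the MD5 algorithm" gives no end date while the following sentences use exact dates such as 2015-02-06; stating the MD5 period with the same precision, and replacing "there will be a switch to SHA-512 checksums" with a dated past-tense statement once the switch has happened, would keep the FAQ entry from going stale.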