Per discussion in #gentoo-infra. In the releases, we should be signing the .DIGEST files rather than the release files directly. Couple of benefits: 1. quicker to generate the signature (less data to process). 2. quicker to verify the signature (less data to process). 3. can put the signature inside the .DIGEST files as cleartext-signed (less files for the mirrors) if wanted (matches the signed Manifests closer). Downsides: 1. users need to do sha1/md5 on the release files themselves. change the docs to reflect this. they are probably doing it already to verify that the content is sane. Not downsides: 1. This does not provide any additional vulnerability. The present gpg sigs are only SHA1 internally: $ gpg --list-packets <stage3-x86-2007.0.tar.bz2.asc :signature packet: algo 17, keyid 9E6438C817072058 version 3, created 1178148793, md5len 5, sigclass 00 digest algo 2, begin of digest 61 af data: [157 bits] data: [159 bits] Ergo the attacker still has the same complexity to defeat the hash algorithm.
I've updated my scripts for signing to only sign the DIGESTS. I'm still doing them detached, simply because it's less of a change for me.
This should be fixed in 2008.0