Re: md5sums files

To: debian-devel@lists.debian.org
Subject: Re: md5sums files
From: Philipp Kern <trash@philkern.de>
Date: Wed, 3 Mar 2010 11:37:17 +0000 (UTC)
Message-id: <[🔎] slrnhosifd.rmi.trash@kelgar.0x539.de>
Reply-to: phil@philkern.de
References: <[🔎] 20100303020620.GA17083@celtic.nixsys.be> <[🔎] 874okyuov4.fsf@windlord.stanford.edu> <[🔎] 20100303151752.835b34d3.erikd@mega-nerd.com> <[🔎] 20100303104725.GA18778@celtic.nixsys.be>

On 2010-03-03, Wouter Verhelst <wouter@debian.org> wrote:
> This is where I disagree. When a checksum algorithm is compromised (and
> MD5 *is* compromised), things only ever get worse, not better. Indeed,
> MD5 preimage attacks are pretty hard *today*. But switching to something
> more secure in preparation for the day when MD5 will be easily cracked
> by every script kiddo around is *not* overkill.

Sure, but to be honest, not even all packages managed to generate md5sums
'till now (with some quite core, omnipresent packages missing) so it seems out
of scope for squeeze.  Maybe squeeze+1.

Kind regards,
Philipp Kern

Reply to:

Follow-Ups:
- Re: md5sums files
  - From: Osamu Aoki <osamu@debian.org>
- Re: md5sums files
  - From: Bernd Zeimetz <bernd@bzed.de>
- Re: md5sums files
  - From: Frank Lin PIAT <fpiat@klabs.be>

References:
- md5sums files
  - From: Wouter Verhelst <wouter@debian.org>
- Re: md5sums files
  - From: Russ Allbery <rra@debian.org>
- Re: md5sums files
  - From: Erik de Castro Lopo <erikd@mega-nerd.com>
- Re: md5sums files
  - From: Wouter Verhelst <wouter@debian.org>

Prev by Date: Re: md5sums files
Next by Date: Bug#572325: ITP: xjobs -- reads job descriptions line by line and executes them in parallel
Previous by thread: Re: md5sums files
Next by thread: Re: md5sums files
Index(es):
- Date
- Thread