
Re: Time to replace MD5?



On 070614 at 13:40, Michael Stone wrote:
> >So every maintainer could distribute nice binaries and then inject
> >malicious packets to certain targets.
> Every maintainer can do that without dicking around with md5 collisions.

Not as good. The chances of detection grow with the install base.


> If you don't trust the debian maintainers, you probably shouldn't 
> install debian.

Trust is something that is to be reduced where possible.

If, for whatever reason, people get untrustworthy, it would be nice to
know as soon as possible, no? Government, money, ...


And again, this is just one attack vector. To check the impact and list
the mitigating factors sure is good for employment. Security design is
something else.

I'm not saying it's highly critical. But usage of MD5 and SHA-1 should be
discouraged. The attacks will only get better. Systems should migrate,
at whatever pace they think is appropriate.


/Steffen
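The scenario the thread argues about, as an added example that is not part of the original mail: a maintainer publishes a "nice" file, a second file with the same MD5 is substituted for selected targets, and an index check that only compares the MD5sum line accepts both. The two byte strings are the published 2004 single-block MD5 collision pair (Wang, Feng, Lai, Yu; the same pair reproduced in most MD5 write-ups), standing in for two package bodies; the index stanza format borrows Debian's MD5sum/SHA1/SHA256 field names but the stanza is constructed, and the two verifiers and their strong/weak policy are this example's own, not apt's code.

```python
import hashlib

# Published MD5 collision pair (Wang, Feng, Lai, Yu, 2004): two different
# 128-byte blocks with the same MD5 digest (79054025255fb1a26e4bc422aef54eb4).
# They stand in for a "nice" and a "malicious" package body; in a real attack
# the colliding blocks are embedded in a common prefix of a larger file.
NICE = bytes.fromhex(
    "d131dd02c5e6eec4693d9a0698aff95c2fcab58712467eab4004583eb8fb7f89"
    "55ad340609f4b30283e488832571415a085125e8f7cdc99fd91dbdf280373c5b"
    "d8823e3156348f5bae6dacd436c919c6dd53e2b487da03fd02396306d248cda0"
    "e99f33420f577ee8ce54b67080a80d1ec69821bcb6a8839396f9652b6ff72a70"
)
EVIL = bytes.fromhex(
    "d131dd02c5e6eec4693d9a0698aff95c2fcab50712467eab4004583eb8fb7f89"
    "55ad340609f4b30283e4888325f1415a085125e8f7cdc99fd91dbd7280373c5b"
    "d8823e3156348f5bae6dacd436c919c6dd53e23487da03fd02396306d248cda0"
    "e99f33420f577ee8ce54b67080280d1ec69821bcb6a8839396f965ab6ff72a70"
)

# Field names follow the Debian Packages index; the algorithm mapping and the
# strong/weak split are this example's policy (assumption), not apt's code.
FIELD_TO_ALGO = {"MD5sum": "md5", "SHA1": "sha1", "SHA256": "sha256"}
STRONG = {"sha256"}


def digests(data):
    """All three digests of a blob, hex-encoded."""
    return {a: hashlib.new(a, data).hexdigest() for a in ("md5", "sha1", "sha256")}


def make_stanza(name, data, fields):
    """Constructed index entry listing the requested digests of `data`."""
    lines = [f"Package: {name}", f"Size: {len(data)}"]
    for field in fields:
        lines.append(f"{field}: {hashlib.new(FIELD_TO_ALGO[field], data).hexdigest()}")
    return "\n".join(lines) + "\n"


def parse_stanza(text):
    """RFC 822-style 'Field: value' lines -> dict."""
    fields = {}
    for line in text.splitlines():
        if ":" in line:
            key, value = line.split(":", 1)
            fields[key.strip()] = value.strip()
    return fields


def verify_md5_only(stanza, data):
    """The weak check: accept whenever the MD5sum line matches."""
    fields = parse_stanza(stanza)
    return hashlib.md5(data).hexdigest() == fields.get("MD5sum", "").lower()


def verify_strict(stanza, data):
    """Every listed digest must match, and at least one must be strong.
    Returns (accepted, reason) so a caller can log why a file was refused."""
    fields = parse_stanza(stanza)
    listed = {FIELD_TO_ALGO[f]: v.lower() for f, v in fields.items() if f in FIELD_TO_ALGO}
    if not listed:
        return False, "no digests listed"
    for algo in sorted(listed):
        if hashlib.new(algo, data).hexdigest() != listed[algo]:
            return False, f"{algo} mismatch"
    if STRONG.isdisjoint(listed):
        return False, "only weak digests listed: " + ", ".join(sorted(listed))
    return True, "ok"


def demo():
    """Run the substitution scenario against both verifiers."""
    index_md5 = make_stanza("demo", NICE, ["MD5sum"])
    index_full = make_stanza("demo", NICE, ["MD5sum", "SHA1", "SHA256"])
    return {
        "md5_only_accepts_nice": verify_md5_only(index_md5, NICE),
        "md5_only_accepts_evil": verify_md5_only(index_md5, EVIL),  # the attack
        "strict_nice": verify_strict(index_full, NICE),
        "strict_evil": verify_strict(index_full, EVIL),
        "strict_weak_index": verify_strict(index_md5, NICE),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The strict verifier refuses the MD5-only index even for the genuine file: an index that binds a name to nothing stronger than MD5 cannot be migrated by checking harder, only by republishing it with a strong digest, which is the slow migration the mail argues for.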
