Hi, sorry for the late reply... On Thu, Apr 26, 2007 at 01:44:05PM +0100, Steve McIntyre wrote: > There's also a couple more changes/updates that I'd like to make > in/around jigdo soon-ish: > > * Move over to using bzip2 rather than gzip for our template files. > That should be simple enough now that all the clients in stable > will support bzip2, I assume. Yes, it should work AFAICT! > * Start using sha1/256 internally as well as/instead of md5sum, or at > least for the whole-image checksums. Md5sum is looking weak these > days. I thought about SHA1 when I first came up with the file format. At the time, MD5 was already considered weakend because different content with matching MD5s had been found. Still, in the end I decided against SHA1 because the individual file checksums are not security sensitive - CRC64 would be just as fine IMHO. However, in hindsight I probably should have used SHA1 for the template file hash and for the hash of the final image. Cheers, Richard -- __ _ |_) /| Richard Atterer | GnuPG key: 888354F7 | \/¯| http://atterer.net | 08A9 7B7D 3D13 3EF2 3D25 D157 79E6 F6DC 8883 54F7 ¯ '` ¯
Attachment:
signature.asc
Description: Digital signature