Moritz Muehlenhoff wrote: > Upgrading to SHA-1 is still a good idea, of course, Correct me if I'm wrong, but haven't there been collision attacks on SHA-1, too?