[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: md5sums files

On 2010-03-03, Wouter Verhelst <wouter@debian.org> wrote:
> This is where I disagree. When a checksum algorithm is compromised (and
> MD5 *is* compromised), things only ever get worse, not better. Indeed,
> MD5 preimage attacks are pretty hard *today*. But switching to something
> more secure in preparation for the day when MD5 will be easily cracked
> by every script kiddo around is *not* overkill.

Sure, but to be honest, not even all packages managed to generate md5sums
'till now (with some quite core, omnipresent packages missing) so it seems out
of scope for squeeze.  Maybe squeeze+1.

Kind regards,
Philipp Kern

Reply to: