Re: Bug#540215: Introduce dh_checksums

To: debian-devel@lists.debian.org
Subject: Re: Bug#540215: Introduce dh_checksums
From: Peter Samuelson <peter@p12n.org>
Date: Tue, 9 Mar 2010 08:21:49 -0600
Message-id: <[🔎] 20100309142149.GP18278@p12n.org>
In-reply-to: <[🔎] 1268085864.21347.11498.camel@solid.paris.klabs.be>
References: <[🔎] 20100303020620.GA17083@celtic.nixsys.be> <[🔎] 874okyuov4.fsf@windlord.stanford.edu> <[🔎] 20100303151752.835b34d3.erikd@mega-nerd.com> <[🔎] 20100303104725.GA18778@celtic.nixsys.be> <[🔎] slrnhosifd.rmi.trash@kelgar.0x539.de> <[🔎] 1267650344.8266.262.camel@solid.paris.klabs.be> <[🔎] 87bpf3vrai.fsf@qurzaw.linpro.no> <[🔎] 1268066168.21347.9661.camel@solid.paris.klabs.be> <[🔎] 87wrxmbkdn.fsf@windlord.stanford.edu> <[🔎] 1268085864.21347.11498.camel@solid.paris.klabs.be>

> On Mon, 2010-03-08 at 12:59 -0800, Russ Allbery wrote:
> > If we take option 2, SHA256 offers no benefits over MD5 and just takes
> > longer to compute.

[Frank Lin PIAT]
> Why is that everyone seems to move away from MD5?

That's the $64000 question, isn't it?  There seems to be this knee-jerk
reaction to all things md5, "OH NOES, MD5 is broken!  Therefore it must
be replaced in every possible use, never mind whether any particular
use has anything to do with malicious attackers."

Strange that rsync seems to have escaped this madness, nobody has been
frantically calling for it to migrate to something more "up to date"
than MD4.  Which, IIRC, is just as "broken".  I guess the masses must
have realized, in a way they usually do not, that sometimes an
integrity check is just an integrity check.
-- 
Peter Samuelson | org-tld!p12n!peter | http://p12n.org/

Reply to:

Follow-Ups:
- Re: Bug#540215: Introduce dh_checksums
  - From: Jakub Wilk <jwilk@debian.org>

References:
- md5sums files
  - From: Wouter Verhelst <wouter@debian.org>
- Re: md5sums files
  - From: Russ Allbery <rra@debian.org>
- Re: md5sums files
  - From: Erik de Castro Lopo <erikd@mega-nerd.com>
- Re: md5sums files
  - From: Wouter Verhelst <wouter@debian.org>
- Re: md5sums files
  - From: Philipp Kern <trash@philkern.de>
- Re: md5sums files
  - From: Frank Lin PIAT <fpiat@klabs.be>
- Re: md5sums files
  - From: Tollef Fog Heen <tfheen@err.no>
- Bug#540215: Introduce dh_checksums
  - From: Frank Lin PIAT <fpiat@klabs.be>
- Re: Bug#540215: Introduce dh_checksums
  - From: Russ Allbery <rra@debian.org>
- Re: Bug#540215: Introduce dh_checksums
  - From: Frank Lin PIAT <fpiat@klabs.be>

Prev by Date: Bug#573162: ITP: django-picklefield -- Pickled object field for Django
Next by Date: Re: Proposed removal of arch-perl (libarch-perl)
Previous by thread: Re: Bug#540215: Introduce dh_checksums
Next by thread: Re: Bug#540215: Introduce dh_checksums
Index(es):
- Date
- Thread