[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#540215: Introduce dh_checksums

* Peter Samuelson <peter@p12n.org>, 2010-03-09, 08:21:
[Frank Lin PIAT]
Why is that everyone seems to move away from MD5?

That's the $64000 question, isn't it?  There seems to be this knee-jerk
reaction to all things md5, "OH NOES, MD5 is broken!  Therefore it must
be replaced in every possible use, never mind whether any particular
use has anything to do with malicious attackers."

Strange that rsync seems to have escaped this madness, nobody has been
frantically calling for it to migrate to something more "up to date"
than MD4.  Which, IIRC, is just as "broken".  I guess the masses must
have realized, in a way they usually do not, that sometimes an
integrity check is just an integrity check.

$ zgrep MD5 /usr/share/doc/rsync/changelog.gz
    - Protocol 30 now uses MD5 checksums instead of MD4.

That said, I totally agree with you.

Jakub Wilk

Attachment: signature.asc
Description: Digital signature

Reply to: