On Mon, 21 Feb 2011 18:55:13 +0100, Florian Weimer wrote: > * Joerg Jaspert: > > > I additionally opened a bug with apt to add support for SHA512SUM, so > > we can start using them. As soon as that is possible I intend to drop > > SHA256 and end up with SHA1/SHA512 only. > > Please don't. I have more faith in SHA-256 than SHA-512. What indications are there that SHA-512 is weak? Best wishes, Mike