Re: Debian should move away from MD5 (and at best also from SHA1) (in secure APT and friends)

To: debian-devel@lists.debian.org
Subject: Re: Debian should move away from MD5 (and at best also from SHA1) (in secure APT and friends)
From: Paul Wise <pabs@debian.org>
Date: Fri, 12 Oct 2012 10:14:12 +0800
Message-id: <[🔎] CAKTje6EHRFK2Qj7H7A4=UF3SqnroEMeAd4xA=Pfzum8=A7sLWg@mail.gmail.com>
In-reply-to: <[🔎] 1350001815.3370.65.camel@fermat.scientia.net>
References: <[🔎] 1349911198.3341.117.camel@fermat.scientia.net> <[🔎] 20121011181855.GA8645@roeckx.be> <[🔎] 1350001815.3370.65.camel@fermat.scientia.net>

On Fri, Oct 12, 2012 at 8:30 AM, Christoph Anton Mitterer wrote:

> Sources files seems to use MD5, SHA1 and SHA256... though MD5 seems to
> have a "special status" (Files vs. Checksums-<algo>).
> That might be just historic, though.
>
> Similarly the Packages files... MD5/SHA1/SHA256...

Only since wheezy has that been true for all files listed in
Packages/Sources though. squeeze Packages is missing SHA-1 and SHA-256
for 1905 binary packages.

-- 
bye,
pabs

http://wiki.debian.org/PaulWise

Reply to:

References:
- Debian should move away from MD5 (and at best also from SHA1) (in secure APT and friends)
  - From: Christoph Anton Mitterer <calestyo@scientia.net>
- Re: Debian should move away from MD5 (and at best also from SHA1) (in secure APT and friends)
  - From: Kurt Roeckx <kurt@roeckx.be>
- Re: Debian should move away from MD5 (and at best also from SHA1) (in secure APT and friends)
  - From: Christoph Anton Mitterer <calestyo@scientia.net>

Prev by Date: Re: Debian should move away from MD5 (and at best also from SHA1) (in secure APT and friends)
Next by Date: Re: Popularity of bzr-builddeb and dh-make
Previous by thread: Re: Debian should move away from MD5 (and at best also from SHA1) (in secure APT and friends)
Next by thread: Re: Debian should move away from MD5 (and at best also from SHA1) (in secure APT and friends)
Index(es):
- Date
- Thread