[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian should move away from MD5 (and at best also from SHA1) (in secure APT and friends)

On Fri, 2012-10-12 at 16:37 -0400, Michael Gilbert wrote:
> Which is impossible, or at least man-powerwise insurmountable.  There
> are something like 500 million lines of code in a Debian release.
I wasn't talking about such an impossible task,... but there speaks
nothing against relatively easy things,... like securing all of our
package repository infrastructure by strong algos (as we already did)...
and trying to prevent higher level attacks, like downgrade attacks.


Attachment: smime.p7s
Description: S/MIME cryptographic signature

Reply to: