[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian should move away from MD5 (and at best also from SHA1) (in secure APT and friends)

On Fri, Oct 12, 2012 at 09:17:32AM +0200, Bernhard R. Link wrote:
> part at all) will only weaken security. So I think what you say is an
> argument for keeping md5sum, so that noone think they can use that
> information for security.

This argument is based on the incorrect assumption that everyone in the
world knows md5 is broken.

(Heck, I'm sure I can find people who don't know that parity checks are
not a security measure, yet who think they know about security, if I
search good enough)

Copyshops should do vouchers. So that next time some bureaucracy requires you
to mail a form in triplicate, you can mail it just once, add a voucher, and
save on postage.

Reply to: