On Fri, Aug 2, 2013 at 6:33 PM, Ondřej Surý <firstname.lastname@example.org> wrote:
> On Fri, Aug 2, 2013 at 2:52 PM, Paul Wise <email@example.com> wrote:
> So, yeah let's drop MD5, but don't introduce neither SHA512 nor SHA-3Actually, it might be less controversial to drop SHA1 as the MD5 has
> unless there's a cryptographical need (there isn't at the moment).
fieldnames (as Guillem already mentioned) which are probably assumed
to be present. I have not check(-ETIME) that for APT now, but somehow
I would be surprised if it wouldn't dislike (some) missing MD5 sections
even if it isn't using the sections for providing MD5, but because they have
a wonderfully stable name like "Files".
Its not like we are anywhere near to a "cryptographical need" to drop MD5
(as you have to do (at least) two pre-image attacks in a row with the same
file (aka compressed and uncompressed) – and as a bonus, the filesize has
to match as well – not to mention that the file has to make sense…) and
at the time we do SHA1 is probably not an interesting candidate.