Re: Archive no longer accepts uploads signed using SHA-1 or RIPE-MD/160
On Fri, 24 Feb 2017, Wouter Verhelst wrote:
> > or RIPE-MD/160 algorithms.
>
> Uhh? AFAIK, RIPEMD160 is not compromised at all, not even in a
> theoretical attack. Why was this part of the decision taken?
>
> (there is a theoretical attack against RIPEMD, but that is not the same
> thing as RIPEMD160)
It's just as short as SHA1. There appears to be little reason to use a
digest this short in 2017.
--
| .''`. ** Debian **
Peter Palfrader | : :' : The universal
https://www.palfrader.org/ | `. `' Operating System
| `- https://www.debian.org/
Reply to: