Re: Time to replace MD5?

To: Touko Korpela <tkorpela@phnet.fi>
Cc: debian-security@lists.debian.org
Subject: Re: Time to replace MD5?
From: Henrique de Moraes Holschuh <hmh@debian.org>
Date: Tue, 12 Jun 2007 18:04:25 -0300
Message-id: <[🔎] 20070612210425.GA7227@khazad-dum.debian.net>
In-reply-to: <[🔎] 20070612204123.GA2403@norsu.vuoristo.local>
References: <[🔎] 20070612204123.GA2403@norsu.vuoristo.local>

On Tue, 12 Jun 2007, Touko Korpela wrote:
> Debian Security Advisories currently contain MD5 checksums. As MD5 is no 
> longer strong enough, maybe it should be replaced by SHA1 or SHA256?

When combined with size information AND the fact that it needs to be a valid
.deb archive, they are probably more than strong enough.

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Reply to:

Follow-Ups:
- Re: Time to replace MD5?
  - From: Florian Weimer <fw@deneb.enyo.de>

References:
- Time to replace MD5?
  - From: Touko Korpela <tkorpela@phnet.fi>

Prev by Date: Re: [SECURITY] [DSA 1302-1] New freetype packages fix integer overflow
Next by Date: Re: Time to replace MD5?
Previous by thread: Time to replace MD5?
Next by thread: Re: Time to replace MD5?
Index(es):
- Date
- Thread