sha1sum
Rahul Sundaram
sundaram at redhat.com
Mon Jun 13 18:42:26 UTC 2005
Kenneth Porter wrote:
> --On Saturday, June 11, 2005 7:57 PM -0400 Tony Nelson
> <tonynelson at georgeanelson.com> wrote:
>
>>> http://lists.gnupg.org/pipermail/gnupg-ru/2004-December/000158.html
>>
>>
>> Given the extent of the discovered weakness and the likelyhood that
>> people
>> won't be installing this release more than a few years down the road,
>> this
>> seems to me to be an overreaction. Ah, well. Hopefully it is known
>> that
>> SHA1 is truely more secure than MD5, rather than just that there have
>> been
>> no alarming reports yet.
>
>
> Since Fedora is supposed to be bleeding edge and the place to try new
> technologies, this lets this mechanism get tested by those willing to
> take the risk, before it gets deployed to the more conservative products.
If we are talking about risks, note that sha1sum is potentially *less*
riskier than md5sum. Fedora is anything but conservative though
regards
Rahul
More information about the users
mailing list