FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian Development

LinkBack Thread Tools
Old 10-10-2012, 11:19 PM
Christoph Anton Mitterer
Default Debian should move away from MD5 (and at best also from SHA1) (in secure APT and friends)

Hi folks.

AFAICS, secure APT and similar things (e.g. dpkg's file hash sums) still
use even MD5.

Wouldn't it make sense to start discussions about moving to the
"strongest" possible?
Or, like in the case of package files (dsc and friends) make a policy of
verifying all hashes, and fail if any single doesn't match?

I mean SHA-1 is far from being broken, but recently there was an
estimation on when one will see first collisions (the archive on the
NIST list requires registration, but Schneier has re-posted it on his

So I guess one shouldn't delay that forever...


[0] http://www.schneier.com/blog/archives/2012/10/when_will_we_se.html

Thread Tools

All times are GMT. The time now is 10:01 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org