On 25-May-2012 5:22 AM, TarotApprentice wrote: > Do we have any plans to switch from MD5 checksums any time in the near > future?
Not at this point. As far as I can tell, the collision vulnerabilities of MD5 (see http://en.wikipedia.org/wiki/MD5) can't be used to break BOINC's code-signing mechanism. (If this is wrong, please let me know ASAP). Also, there's not a clear-cut replacement at this point. SHA-1 also may have collision vulnerabilities. Supposedly SHA-3 will be defined later this year; maybe we'll switch at that point. -- David _______________________________________________ boinc_dev mailing list [email protected] http://lists.ssl.berkeley.edu/mailman/listinfo/boinc_dev To unsubscribe, visit the above URL and (near bottom of page) enter your email address.
