On 01/02/2012 09:15, Richard Jones wrote:
On 1 February 2012 19:36, Chris Withers<[email protected]> wrote:
If you actually cared about security, you'd already be using, recording and
checking the MD5 checksums provided with each download and would already
know that this isn't a security loophole.
If you're not, then quit with the security theater.
I believe the "security theater" of MD5 was proven, and exploits
freely available, back in 2005 :-)
Well now, that's a valid argument, so what hashing technique should we
be using? ;-)
Chris - https://twitter.com/#!/chrismcdonough/status/159877313771737088
--
Simplistix - Content Management, Batch Processing & Python Consulting
- http://www.simplistix.co.uk
_______________________________________________
Catalog-SIG mailing list
[email protected]
http://mail.python.org/mailman/listinfo/catalog-sig
