On Sun, Oct 9, 2016 at 4:34 AM, Pádraig Brady <p...@draigbrady.com> wrote: > On 09/10/16 05:59, Zooko Wilcox-OHearn wrote: >> Hello, folks! >> >> It's been about a year since the last update in this thread. I was >> reminded of it because I saw a well-intentioned project using "md5sum" >> to let its users identify a specific distribution of its software. Of >> course, md5sum is not secure for that!
Hello folks, At the risk of going somewhat offtopic of this list, however, as this is the one point of continual reference I have to the Blake2 hash in common use (I am always interested in learning the new features of Coreutils and have been a list reader for years now) I must pose the question: Due to md5's easy collision faults, when will the md5 algorithm be -removed- from coreutils / other security implementations, to prevent this sort of well-intentioned badness? When will "md5sum" spit out a string "DO NOT USE THIS ANYMORE" instead of actually working as historically was the case? Some food for thought.. Mike
