In linux.debian.devel, you wrote:
> Moritz Muehlenhoff wrote:
>> Upgrading to SHA-1 is still a good idea, of course,
>
> Correct me if I'm wrong, but haven't there been collision attacks on
> SHA-1, too?
Yes, but to public knowledge they're only feasible with government grade
hardware, while MD5 is subject to attacks with much lower complexity.
There might be an AES-like competition for the next-gen hash in 2006, but
I'm not sure if it has been decided yet.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
