On Tuesday, July 3, 2012 at 9:29 PM, Glyph wrote:
> 
> Or, you know, somebody could maintain the dang software and automate the 
> process of producing these hashes.  I am slightly baffled by the tone of this 
> thread, like the hash algorithm needs to be set in stone forever.  There's a 
> reason that most software treats hashes as pluggable: new algorithms come out 
> every few years, you have to expect that your choice will be obsoleted for 
> some reason (not necessarily just security!) in the future.  Granted, there's 
> no real security in this case, but why not use a hash algorithm with less 
> probability of collision?
> 
I tend to agree wrt to hashes and I have an outstanding pull request against 
pip to make it treat hashes as pluggable at least ;) 
_______________________________________________
Distutils-SIG maillist  -  Distutils-SIG@python.org
http://mail.python.org/mailman/listinfo/distutils-sig

Reply via email to