Title: Message Title
|
|
|
|
|
I must agree that we should look at how we are using these hashes before we can select better ones. Protecting secrets (PasswordHash), detecting random corruption (org.dspace.checker.*), and distributing files equally across filesystem structures (BitstreamStorageManager) are different in nature and may require different kinds of hashes. All are worth further consideration, but I am not so sure that *any* crypto hash is the best choice for non-crypto use. Crypto hashes mainly have the virtue of being readily available.
|
|
|
|
|
|
|
As is known MD5 is vulnerable against collision attacks. So the checksum calculation should be replaced by a more reliable hash function like SHA-2.
Affected classes from dspace-api are:
1. org.dspace.checker.BitstreamInfoDAO: 2 SQL INSERT Strings (INSERT_MISSING_CHECKSUM_BITSTREAMS and INSERT_MISSING_CHECKSUM_BITSTREAMS_ORACLE). They add MD5 to th...
|
|
|
|
------------------------------------------------------------------------------
Subversion Kills Productivity. Get off Subversion & Make the Move to Perforce.
With Perforce, you get hassle-free workflows. Merge that actually works.
Faster operations. Version large binaries. Built-in WAN optimization and the
freedom to use Git, Perforce or both. Make the move to Perforce.
http://pubads.g.doubleclick.net/gampad/clk?id=122218951&iu=/4140/ostg.clktrk
_______________________________________________
Dspace-devel mailing list
Dspace-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspace-devel
