On Thursday 21 September 2006 08:54, Hanno Böck wrote:
> I think sha256/512 is the only thing that makes sense at the moment, as it
> most probably will stay secure for quite a while and we don't have real
> alternatives. So imho use sha256, get rid of everything else, because that
> rarely improves security, and wait for the nist to define something new
> (which will happen, but probably take some years from now).

Well, the problem that occurs here is the verification process. With MD5, you can hit most upstream sites, and they'll have an MD5SUM available that you can authenticate against. With SHA256, you would need an upstream that actually implements them as hashes for release notifications. Without this sort of verification, there's a better chance of someone putting out some kind of exploit tarball, us hashing it as per the usual, and the whole purpose gets defeated.

Yes, you can consider that developers should be going in and checking the changes, etc., but the problem is it's something a lot of devs would be less likely to do versus an easy md5sum lookup.

-- 
Chris White
Gentoo Developer
aka: xxxxxx (Scissors Were Here) xxxxxx