On Wed, 16 Mar 2005, Andrew Suffield wrote: > On Wed, Mar 16, 2005 at 12:26:30PM +0600, Ivan Boldyrev wrote: > > > If someone finds a second pre-image attack against md5, then arch > > > will be in trouble (but so will just about anything else). > > > > MD5 is considered insecure for many years. Arch is already in trouble > > because Arch developers do not understand security. > > > > I am not security expert too, but designing security attack against > > Arch took less time than writing this message. > > This is pure nonsense. Go away and read /Beyond Fear/, and maybe > /Secrets & Lies/ as well. And CRYPTO-GRAM too, while you're at > it. I've seen journalists with better comprehension of security.
I don't fully agree with Ivan's notes, but this does not change anything about the danger of using MD5, or does it? Please also read: http://cryptography.hyperlink.cz/2004/otherformats.html Cheers, Karel -- Karel Gardas [EMAIL PROTECTED] ObjectSecurity Ltd. http://www.objectsecurity.com _______________________________________________ Gnu-arch-users mailing list Gnu-arch-users@gnu.org http://lists.gnu.org/mailman/listinfo/gnu-arch-users GNU arch home page: http://savannah.gnu.org/projects/gnu-arch/
