Hi On 6/25/24 17:39, Rob Landers wrote:
My only issue is md5, sha1, etc. There are many uses for them besides secure contexts. Sha1 is used by git, md5 fits snuggly in many data structures (uuidv5, for example, though some implementations also use the first 128 bits of a sha1).
I believe you might have misunderstood the proposal. The RFC is not proposing the MD5 and SHA-1 *algorithms*. It's just proposing the standalone functions.
The algorithms will still be available by means of the hash() function, which - besides MD5 and SHA-1 - provides access to a multitude of other hash algorithms. The RFC explicitly lists the necessary replacement.
The RFC is just proposing phasing out the special treatment of having dedicated functions of MD5 and SHA-1.
Best regards Tim Düsterhus PS: git is planning to move away from SHA-1.
