Yes, as a matter of fact I read this on Slashdot earlier today. Very shaky stuff, considering not only most the internet distribution centers use MD5 to verify data (mostly open source files, linux, etc.) but UNIX and Linux also use MD5 in password data files (unless shadowing is in place). Of course, MD5 is not broken completely (asside from rumors claiming so) but it could happen. If you know of stronger hashes, please post their websites here.
Also, the downloading in mozilla should have a modular funcionality (extensions in firefox). This way, even if the MD5 auto checker is created for right now, a new one could just as easily be implemented as well. Thanks. == Deryck Henson _______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
