* Michal Pryc <[EMAIL PROTECTED]> [2007-12-07 17:33]: > Hello pkg community, > > I am sure that during design this problem was taken into account, but I > want to ask how this case is handled? > I can see that the files on the server side are stored using hash as a > names. > So what will happen if there are two different files with the same > sha1sum? The second file will override the first one, or some exception > will be caught or maybe another name will be given for the second file?
We're tracking this as http://defect.opensolaris.org/bz/show_bug.cgi?id=8 SHA-1 collisions are improbable in general; I'm not sure that anyone has constructed a collision yet, although it's believed that a construction is feasible with current resources. Our current plan, beyond the support for collisions and multiple hashes noted in bugid 8, is to switch to an SHA-256 implementation prior to declaring a production release. - Stephen -- [EMAIL PROTECTED] http://blogs.sun.com/sch/ _______________________________________________ pkg-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
