On 14 Sep 2014, at 11:06, wie...@porcupine.org (Wietse Venema) wrote: > Thanks for checking the signature. MD5 is good enough for Postfix > tarballs, since there are no known second pre-image attacks. It has > the significant benefit that it is supported by every existing PGP > implementation.
At httpd we hash twice, once with md5 and once with sha1. Regards, Graham --
