On Fri, Dec 07, 2018 at 04:35:56PM -0800, Nathaniel Smith wrote: > On Fri, Dec 7, 2018 at 3:38 PM Steven D'Aprano <st...@pearwood.info> wrote: > > > On Fri, Dec 07, 2018 at 01:25:19PM -0800, Nathaniel Smith wrote: > > > > > For this specific purpose, md5 is just as good as a proper hash. But all > > > else being equal, it would still be better to use a proper hash, just so > > > people don't have to go through the whole security analysis to check > > > that. > > > > I don't understand what you are trying to say here about "the whole > > security analysis" to check "that". What security analysis, and > > what is "that"? > > > > The analysis that people posted in this thread, demonstrating that for the > particular purpose at hand, md5 and sha-whatever are equally useful.
Okay, so your position is that even though there's no actual increase in security from using sha512, we ought to use it so that people who don't know any better won't complain that we're using a "less secure" hash. Is that accurate? As security theatre goes, I guess its less harmful than most :-) [...] > If you're worried about giving people a false sense of security, I think it > would be more effective to post a prominent notice or link describing how > people should interpret the hashes. I want to avoid encouraging a false sense of security. I'm not sure that we ought to extend that further to actively taking on the responsibility of teaching users about this. On the other hand, perhaps threads like this suggest that this is inevitable... on the gripping hand, many users won't read the notice regardless of what we do... How often does this issue come up? I'm not sure it is common enough to bother fixing, but others' judgement on that may differ. > Maybe some people see md5 and think > "ah-hah, this is their way of warning me that the hash is suitable for > defending against accidental corruption but not malicious actors", but it > must be a small minority :-). (That's certainly not what the OP thought.) I didn't think they would. > Most people will just think we're fools who don't realize or care md5 is > broken. Statistically, that's a pretty reasonable guess when you see > someone using md5. I don't think there's any way to know for sure, but I'd be shocked if "most people" even thought about the issue, or checked the hash, regardless of whether it is sha512, md5 or a CRC checksum. In my experience, browsers and downloaders like wget either download the data correctly, or they make it damn obvious that the download failed. YMMV. As for those who "think we're fools", that's not a reasonable guess by any means. Since we're not fools, and for the purposes we're using the hash there is no difference between md5 and sha512, such a guess would be a classic example of "a little knowledge is dangerous" and "not as clever or well-informed as you think you are" (that's a generic "you", not you personally). If they don't think we're fools for using md5, they'll probably think we're fools for some other reason. -- Steve _______________________________________________ Python-ideas mailing list Python-ideas@python.org https://mail.python.org/mailman/listinfo/python-ideas Code of Conduct: http://python.org/psf/codeofconduct/
