Zooko O'Whielacronx wrote: > The people who are suffering from the > collisions in MD5 and SHA-1 are suffering, not because MD5 or SHA-1 > were suddenly revealed to be insecure, but because they ignored the > warning messages from cryptographers for many years. (I'm a tad > irritated about this, since "I tried to tell them" [5] and "They > wouldn't listen!" [6].)
This is why no attention should be paid to non-cryptographers attempting to pour scorn on the feasibility of attacks (as in the case of [6]), even, and perhaps especially, when said non-cryptographers are widely respected for other reasons. (The same point applies to other fields of similar complexity and subtlety to cryptography.) > [5] http://www.gelato.unsw.edu.au/archives/git/0506/5273.html > [6] http://www.gelato.unsw.edu.au/archives/git/0506/5299.html -- David-Sarah Hopwood ⚥ _______________________________________________ tahoe-dev mailing list [email protected] http://allmydata.org/cgi-bin/mailman/listinfo/tahoe-dev
