This diff changes the sha1(1) man page to recommend the use of sha256(1). It uses language that is similar to the md5(1) man page.
Thoughts? Lawrence Index: sha1.1 =================================================================== RCS file: /cvs/src/bin/md5/sha1.1,v retrieving revision 1.29 diff -u -p -r1.29 sha1.1 --- sha1.1 3 Sep 2010 09:53:20 -0000 1.29 +++ sha1.1 8 May 2012 03:46:24 -0000 @@ -35,8 +35,14 @@ takes as input a message of arbitrary length and produces as output a 160-bit "fingerprint" or "message digest" of the input. It is conjectured that it is computationally infeasible to produce -two messages having the same message digest, or to produce any +two messages having the same message digest (a collision), or to produce any message having a given prespecified target message digest. +However, researchers have developed theoretical attacks that significantly +reduce the amount of time needed to find a collision in +.Em SHA-1 . +The use of other message digest functions, such as +.Xr sha256 1 , +is now preferred. .Pp The .Em SHA-1 @@ -116,3 +122,19 @@ sha256, sha384 and sha512. .%T US Secure Hash Algorithm 1 .%O RFC 3174 .Re +.Rs +.%A X. Wang +.%A Y. Yin +.%A H. Yu +.%T Finding Collisions in the Full SHA-1 +.%J Crypto +.%D 2005 +.Re +.Sh CAVEATS +Theoretical attacks that significantly reduce the amount of time needed +to find a collision in +.Em SHA-1 +have been developed. +The use of +.Xr sha256 1 +is recommended instead.