Well, it seems like you've done more research on this than I have. :-) I was just raising the thought. I'm glad that you have checked up on this. I stand corrected.
For my project, I am probably going to keep using SHA256 because it's already there, and because I think it is more future proof. But it's nice to be able to still keep things simple for the common case. Thanks for the info! Krys [EMAIL PROTECTED] wrote: >by broken, you mean collision ? It only affects it as a content >hash(theoretically), say for source distribution(even that is remote as >the altered content may become meaningless, failed to compile etc.) but >in general safe for this kind of password usage, if my reading about >the paper is right. > > > >
