> But for HA applications, we still need some additional redundancy > or at least some error diagnostics at application level. Well, > we'll most likely needs this anyways, eg. to detect human fault > or code bugs. > > My current idea is to use two separate hash functions in parallel > (as many sw distros already do). But I've got no idea if this > really helps or collissions in SHA-1 will often go parallel with > colissions in the second hash (eg. MD5).
adding a second hash will likely increase your failure rate as the failure rate of storage is >> collision rate of sha1. and adding a second hash will increase your storage, thus increasing your exposure to storage failure. - erik
