On Wed, Mar 16, 2005 at 10:02:35AM +0100, Karel Gardas wrote: > On Wed, 16 Mar 2005, Andrew Suffield wrote: > > > On Wed, Mar 16, 2005 at 12:26:30PM +0600, Ivan Boldyrev wrote: > > > > If someone finds a second pre-image attack against md5, then arch > > > > will be in trouble (but so will just about anything else). > > > > > > MD5 is considered insecure for many years. Arch is already in trouble > > > because Arch developers do not understand security. > > > > > > I am not security expert too, but designing security attack against > > > Arch took less time than writing this message. > > > > This is pure nonsense. Go away and read /Beyond Fear/, and maybe > > /Secrets & Lies/ as well. And CRYPTO-GRAM too, while you're at > > it. I've seen journalists with better comprehension of security. > > I don't fully agree with Ivan's notes, but this does not change anything > about the danger of using MD5, or does it?
There's no real danger to using MD5. It's not like there's anything else you could be doing that would be any stronger. -- .''`. ** Debian GNU/Linux ** | Andrew Suffield : :' : http://www.debian.org/ | `. `' | `- -><- |
signature.asc
Description: Digital signature
_______________________________________________ Gnu-arch-users mailing list [email protected] http://lists.gnu.org/mailman/listinfo/gnu-arch-users GNU arch home page: http://savannah.gnu.org/projects/gnu-arch/
