On Wed, 16 Mar 2005, Andrew Suffield wrote: > On Wed, Mar 16, 2005 at 12:46:28PM +0100, Karel Gardas wrote: > > Sorry! That's just my short-cut of the whole problem. As I've already > > written I don't agree fully with Ivan's statements, but this does not > > change anything on the fact that MD5 is broken. > > MD5 is not broken. That's a myth. Stop spreading it.
Perhaps `MD5 is broken' is not the best description of the problem, but let say `MD5 is not collision free'. Is this better for you? i.e. there is a possibility to find two values which hash to the same hash without using brute force attack. > > Yes, I agree, but combining two hashes from which one is considered broken > > and one is considered weak these days is IMHO less secure than using one > > hash which is considered secure. > > Your opinion is stupid and wrong, and there are no hashes which are > 'considered secure' anyway. 'considered secure' means 'considered more secure than X' in this context. Anyway, thanks for your polite `Your opinion is stupid and wrong'. I've just thought that as a long time Arch user I can spread some of my fears with more broader Arch community and I hope such possibility will be preserved in the future. Thanks, Karel -- Karel Gardas [EMAIL PROTECTED] ObjectSecurity Ltd. http://www.objectsecurity.com _______________________________________________ Gnu-arch-users mailing list [email protected] http://lists.gnu.org/mailman/listinfo/gnu-arch-users GNU arch home page: http://savannah.gnu.org/projects/gnu-arch/
