On Wed, Mar 16, 2005 at 07:57:15PM +0100, Karel Gardas wrote: > On Wed, 16 Mar 2005, Andrew Suffield wrote: > > > On Wed, Mar 16, 2005 at 12:46:28PM +0100, Karel Gardas wrote: > > > Sorry! That's just my short-cut of the whole problem. As I've already > > > written I don't agree fully with Ivan's statements, but this does not > > > change anything on the fact that MD5 is broken. > > > > MD5 is not broken. That's a myth. Stop spreading it. > > Perhaps `MD5 is broken' is not the best description of the problem, but > let say `MD5 is not collision free'. Is this better for you? i.e. there is > a possibility to find two values which hash to the same hash without using > brute force attack.
That is the case for all known hashing algorithms. Uninteresting distinction. > > > Yes, I agree, but combining two hashes from which one is considered broken > > > and one is considered weak these days is IMHO less secure than using one > > > hash which is considered secure. > > > > Your opinion is stupid and wrong, and there are no hashes which are > > 'considered secure' anyway. > > 'considered secure' means 'considered more secure than X' in this context. > Anyway, thanks for your polite `Your opinion is stupid and wrong'. I've > just thought that as a long time Arch user I can spread some of my fears > with more broader Arch community and I hope such possibility will be > preserved in the future. Please don't, people are stupid enough already. This kind of nonsense, and complete absence of logic, is unproductive and unwelcome. -- .''`. ** Debian GNU/Linux ** | Andrew Suffield : :' : http://www.debian.org/ | `. `' | `- -><- |
signature.asc
Description: Digital signature
_______________________________________________ Gnu-arch-users mailing list [email protected] http://lists.gnu.org/mailman/listinfo/gnu-arch-users GNU arch home page: http://savannah.gnu.org/projects/gnu-arch/
