CVSROOT: /cvs Module name: ports Changes by: na...@cvs.openbsd.org 2012/07/10 06:04:25
Modified files: infrastructure/mk: bsd.port.mk Log message: Remove message digest algorithms other than SHA-256 for checksumming distfiles. MD5 is known to be insecure and RIPEMD-160 and SHA-1 are considered inferior to SHA-256. Also, the concatenation of different hashes is not more secure than its strongest component; see Antoine Joux, "Multicollisions in iterated hash functions. Application to cascased constructions" http://www.iacr.org/cryptodb/archive/2004/CRYPTO/1472/1472.pdf Discussed with many, ok sthen@