CVSROOT: /cvs
Module name: ports
Changes by: na...@cvs.openbsd.org 2012/07/10 06:04:25
Modified files:
infrastructure/mk: bsd.port.mk
Log message:
Remove message digest algorithms other than SHA-256 for checksumming
distfiles. MD5 is known to be insecure and RIPEMD-160 and SHA-1
are considered inferior to SHA-256.
Also, the concatenation of different hashes is not more secure than
its strongest component; see Antoine Joux, "Multicollisions in
iterated hash functions. Application to cascased constructions"
http://www.iacr.org/cryptodb/archive/2004/CRYPTO/1472/1472.pdf
Discussed with many, ok sthen@
