Antoine Pitrou <pit...@free.fr> added the comment: [Martin's approach] > The point I first missed is that this triggers only when the hash is > *fully* equal; if the hashes are merely equal after masking, then > today's try-another-slot approach will still be used, even for > strings.
But then isn't it vulnerable to Frank's first attack as exposed in http://mail.python.org/pipermail/python-dev/2012-January/115726.html ? ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue13703> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
