Re: [arch-general] Stronger Hashes for PKGBUILDs

2018-05-13 Thread Eli Schwartz via arch-general
On 05/13/2018 08:11 PM, Leonid Isaev via arch-general wrote: > On Sun, May 13, 2018 at 08:19:19PM +0200, Neven Sajko via arch-general wrote: >> On 13 May 2018 at 20:11, Neven Sajko wrote: >>> I do agree that using md5 is absurd, ... >> >> To clarify, md5 *is* unsecure and is

Re: [arch-general] Stronger Hashes for PKGBUILDs

2018-05-13 Thread Leonid Isaev via arch-general
On Sun, May 13, 2018 at 08:19:19PM +0200, Neven Sajko via arch-general wrote: > On 13 May 2018 at 20:11, Neven Sajko wrote: > > I do agree that using md5 is absurd, ... > > To clarify, md5 *is* unsecure and is even slower or not significantly > faster than hashes from the

Re: [arch-general] Stronger Hashes for PKGBUILDs

2018-05-13 Thread Neven Sajko via arch-general
On 13 May 2018 at 20:11, Neven Sajko wrote: > I do agree that using md5 is absurd, ... To clarify, md5 *is* unsecure and is even slower or not significantly faster than hashes from the Keccak and BLAKE2 families; using signatures would be a plus but signatures are not an

Re: [arch-general] Stronger Hashes for PKGBUILDs

2018-05-13 Thread Neven Sajko via arch-general
I do agree that using md5 is absurd, but putting effort into using sha-2 seems like a waste when Keccak and BLAKE2 are both faster and more secure than the old hashes. Regards, Neven