Re: [Gnu-arch-users] Re: HEADS UP: checksums change is not backward comp

gnu-arch-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnu-arch-users] Re: HEADS UP: checksums change is not backward comp

From:	Andrew Suffield
Subject:	Re: [Gnu-arch-users] Re: HEADS UP: checksums change is not backward compatible
Date:	Fri, 16 Jan 2004 15:03:12 +0000
User-agent:	Mutt/1.5.5.1+cvs20040105i

On Fri, Jan 16, 2004 at 02:25:19PM +1100, Robert Collins wrote:
> On Fri, 2004-01-16 at 12:01, Tom Lord wrote:
> 
> > 
> > It shouldn't be difficult to modify these changes so that, for the
> > moment, they will generate _both_ md5 and sha1 checksums.   That can
> > be done in a way that will preserve upward compatability.
> 
> Done (both md5 and sha1), but it cannot. the 1.1pre0 parser is bust, and
> fails.
> 
> Best practice AIUI is to do both anyway, so I don't see that changing.

It's certainly cryptographically stronger to keep and verify both;
that way both algorithms would have to be broken in order to defeat
the system (in the event of an effective attack against either, the
system remains reasonably strong).

-- 
  .''`.  ** Debian GNU/Linux ** | Andrew Suffield
 : :' :  http://www.debian.org/ |
 `. `'                          |
   `-             -><-          |

signature.asc
Description: Digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Gnu-arch-users] Re: HEADS UP: checksums change is not backward compatible, (continued)

Prev by Date: Re: [Gnu-arch-users] Re: Re-linking to revlib implemented
Next by Date: [Gnu-arch-users] IDE not prism-commit? (was Re: Re-linking to revlib implemented)
Previous by thread: Re: [Gnu-arch-users] Re: HEADS UP: checksums change is not backward compatible
Next by thread: Re: [Gnu-arch-users] Re: HEADS UP: checksums change is not backward compatible
Index(es):
- Date
- Thread