On 2010-03-03, Wouter Verhelst <wou...@debian.org> wrote: > This is where I disagree. When a checksum algorithm is compromised (and > MD5 *is* compromised), things only ever get worse, not better. Indeed, > MD5 preimage attacks are pretty hard *today*. But switching to something > more secure in preparation for the day when MD5 will be easily cracked > by every script kiddo around is *not* overkill.
Sure, but to be honest, not even all packages managed to generate md5sums 'till now (with some quite core, omnipresent packages missing) so it seems out of scope for squeeze. Maybe squeeze+1. Kind regards, Philipp Kern -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/slrnhosifd.rmi.tr...@kelgar.0x539.de
