Hi,

Kevin Kofler via devel <devel@lists.fedoraproject.org> wrote:

> I think we need a REALLY_LEGACY that continues allowing MD5 and the like.

According to https://github.com/corkami/collisions#chosen-prefix-collisions,
a chosen-prefix collision on MD5 took 72 hours to compute in 2009. 13 years
later, you really should treat anything that still uses MD5 as if it was
completely unsigned. I’m almost tempted to invest some CPU/GPU time to
compute an MD5 hash collision of your message to prove the point.

I don’t believe this would be in the best interest of our users. Setting a
crypto-policy to REALLY_LEGACY would basically mean “I don’t care about
encryption”. In these cases, why not just use plain HTTP, or other
unencrypted protocols instead?


--
Clemens Lang
RHEL Crypto Team
Red Hat

