Scott wrote: > Please, let's talk about hash collisions responsibly. Agreed.
Chasing down links from the one Petr provided: http://cryptography.hyperlink.cz/MD5_collisions.html the best read I found was: MD5 To Be Considered Harmful Someday http://eprint.iacr.org/2004/357.pdf As the author, Dan Kaminsky, states: > it is far too easy to overestimate the risks described in this paper. This paper does a good job of explaining the vulnerabilities that MD5 has, currently (and yes, git uses SHA1 ...). We have far greater vulnerabilities from intentional or accidental coding errors, inadequately audited code, root exploits of user (non-kernel) code, compilation and build tools, unreliable hardware (how many of us use non-ECC memory - I do), poorly administered systems, ... -- I won't rest till it's the best ... Programmer, Linux Scalability Paul Jackson <[EMAIL PROTECTED]> 1.650.933.1373, 1.925.600.0401 - To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
