httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <...@algroup.co.uk>
Subject Re: location of md5, sha1, base64, and validate_password
Date Mon, 08 May 2000 16:05:38 GMT
"William A. Rowe, Jr." wrote:
> I would expand on that to imply that APR is the host of process,
> threading, memory and file management that is constantly assaulted
> by incompatibility between platforms.  But I extend that to include
> tcpip/internet -centric functionality.  My last argument (and last
> comment on this subject) is that I see many apps that the Apache
> Foundation would sponsor require md5.  sha1?  You've got me there.

SHA-1 is considered by many to be better than MD5. Why? Well, it has a
longer output, and it hasn't got any known attacks (OK, MD5 only has a
partial attack, but...)

I totally agree that APR should include MD5 and SHA-1.

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

Mime
View raw message