ignite-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Branko ─îibej <br...@apache.org>
Subject Re: [VOTE] Apache Ignite 1.3.0 Release (RC2)
Date Mon, 13 Jul 2015 17:46:32 GMT
On 13.07.2015 16:42, Atri Sharma wrote:
> Out of curiosity, are we only using MD5 and SHA1 for checksums?
> If that is the case, can we try CRC? Much easier to port and easier to
> compute

That is complete nonsense.

The point of hashes is to maintain a minimal level of confidence that
the sources downloaded from a mirror match the hashes published on our
web site. Ease of computation has absolutely no bearing on this.

These days, SHA1 is the pretty much the barest acceptable minimum;
people are beginning to use SHA256 and even SHA512 because SHA1
vulnerabilities make it too easy to crack.

MD5 is obsolete for this purpose. CRC is not even close, since it's not
a cryptographic hash.

-- Brane

View raw message