incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Fernando Cassia <fcas...@gmail.com>
Subject Re: Build and Release Hygiene
Date Tue, 17 Jul 2012 03:43:42 GMT
On Mon, Jul 16, 2012 at 12:04 PM, Rob Weir <robweir@apache.org> wrote:
> or verifying the MD5 hashes.

SHA1 :)

----
In 2004, more serious flaws were discovered in MD5, making further use
of the algorithm for security purposes questionable—specifically, a
group of researchers described how to create a pair of files that
share the same MD5 checksum.[4][5] Further advances were made in
breaking MD5 in 2005, 2006, and 2007.[6] In December 2008, a group of
researchers used this technique to fake SSL certificate
validity,[7][8] and US-CERT now says that MD5 "should be considered
cryptographically broken and unsuitable for further use."[9] and most
U.S. government applications now require the SHA-2 family of hash
functions
----
http://en.wikipedia.org/wiki/MD5

FC

Mime
View raw message