Issue36316
Created on 2019-03-16 13:18 by fazl, last changed 2022-04-11 14:59 by admin. This issue is now closed.
| Messages (2) | |||
|---|---|---|---|
| msg338083 - (view) | Author: fazl (fazl) | Date: 2019-03-16 13:18 | |
Python is widely used and should use more trustworthy checksums than MD5. Even the successor to MD5 (SHA-1) was considered insecure in 2017. From https://nakedsecurity.sophos.com/2017/02/23/bang-sha-1-collides-at-38762cf7f55934b34d179ae6a4c80cadccbb7f0a/ : "For many years [...] MD5 was widely used [...] but it is now forbidden in the cryptographic world because [...] MD5 collisions are easy to generate on purpose, so the algorithm can no longer be trusted." |
|||
| msg338091 - (view) | Author: Benjamin Peterson (benjamin.peterson) *  |
Date: 2019-03-16 18:28 | |
MD5 isn't a security measure. It's provided for a quick check of integrity. |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:59:12 | admin | set | github: 80497 |
| 2019-03-16 18:28:24 | benjamin.peterson | set | status: open -> closed resolution: wont fix messages: + msg338091 stage: resolved |
| 2019-03-16 13:25:36 | SilentGhost | set | nosy:
+ benjamin.peterson |
| 2019-03-16 13:18:34 | fazl | create | |