The gzip author also says that the availability of gzip might obviate
our need for MD5....
To: Nathaniel Borenstein <nsb(_at_)thumper(_dot_)bellcore(_dot_)com>
Subject: Re: Gzip spec available?
Date: Thu, 04 Mar 93 15:23:21 +0100
From: Jean-loup Gailly <jloup(_at_)chorus(_dot_)fr>
There's already a spec for using MD5 as a message integrity check
gzip uses a crc32 for integrity check. This is quite sufficient. MD5
is really overkill, it was designed only for cryptographic
applications. Yes, it can be used for integrity check but it is really
not worth slowing down the algorithm for no practical gain. Of course,
if you use public key cryptography to sign the messages you need MD5
anyway, but as you know all of public key cryptography is patented.
PKP even claims that the DSS is covered by their patents.
Jean-loup