Re: MD5 warning2004-08-21 14:23:20* David Shaw wrote: That said, the security considerations section of the draft currently has some language mildly discouraging the use of MD5 ("The MD5 hash algorithm has been found to have weaknesses (pseudo-collisions in the compress function) that make some people deprecate its use. They consider the SHA-1 algorithm better.") Can we make this stronger, and deprecate MD5 use for OpenPGP in general? Not necessary. All known attacks does not impose a direct risk to md5 based OpenPGP issues.
|
|