On 05/04/2009 02:57 PM, David Shaw wrote:
we would have to play length checking games
to guess if they meant hash 4 or 40.
We're still going to have to do a little bit of length-checking games,
to distinguish between traditional SHA1 fingerprints and an
accidentally-truncated version of the newer (and presumably longer)
fingerprints.
One of the reasons that i initially proposed prefixes like SHA256- is
because they are so unambiguously *unlike* the traditional fingerprints
that it is clear what to expect next.
--dkg
signature.asc
Description: OpenPGP digital signature