Subject: Re: Verifying a kernel.
To: Matt Thomas <matt@3am-software.com>
From: Tonnerre <tonnerre@thundrix.ch>
List: tech-kern
Date: 07/20/2005 14:26:16
Hi,

On Tue, Jul 19, 2005 at 02:02:17PM -0700, Matt Thomas wrote:
> 4) Allow various algorithms: SHA1, MD5, etc.

Don't allow MD5! Also, SHA1 is a candidate that shouldn't be trusted just
like this. Why?

- people might use it
- people might decide to use it for security-relevant functions
- people are thereby prone to the typical MD5 bit flipping attacks et al.

I'm talking myself blue in the face on that: Don't use md5.

Tonnerre