Subject: Re: muhah
To: Trevor Johnson <firstname.lastname@example.org>
From: David Brownlee <email@example.com>
Date: 03/26/2001 09:58:16
On Sat, 24 Mar 2001, Trevor Johnson wrote:
> > What you are failing to understand is that if one upgrades to a current
> > pkgsrc while choosing not to upgrade userland/kernel beyond 1.4(.x),
> Yes, someone who also chooses not to install cryptosrc, doesn't want to
> install the OpenSSL package (pkgsrc/security/openssl), and wants to use
> 160-bit hashes in pkgsrc.
> This person fears trojaned distfiles with colliding MD5s, but doesn't mind
> the holes in the base system.
Maybe they just want to use pkgsrc as shipped...
On the other point I completely agree that it makes sense for
digest and openssl to use the same format where possible.
David/absolute -- www.netbsd.org: No hype required --