Subject: Re: muhah
To: Trevor Johnson <>
From: David Brownlee <>
List: tech-pkg
Date: 03/26/2001 09:58:16
On Sat, 24 Mar 2001, Trevor Johnson wrote:

> > What you are failing to understand is that if one upgrades to a current
> > pkgsrc while choosing not to upgrade userland/kernel beyond 1.4(.x),
> Yes, someone who also chooses not to install cryptosrc, doesn't want to
> install the OpenSSL package (pkgsrc/security/openssl), and wants to use
> 160-bit hashes in pkgsrc.
> This person fears trojaned distfiles with colliding MD5s, but doesn't mind
> the holes in the base system.

	Maybe they just want to use pkgsrc as shipped...

	On the other point I completely agree that it makes sense for
	digest and openssl to use the same format where possible.

		David/absolute		-- No hype required --