Subject: Reading the netbsd quarterly report
To: None <>
From: Marc Espie <>
List: tech-pkg
Date: 04/10/2005 13:59:02
Warning, Troll ahead.

I read:

> Following the discovery of weaknesses in the SHA1 algorithm Alistair
> Crooks demonstrated once more the proactive approach NetBSD takes
> towards security and committed modifications to pkgsrc to allow
> multiple digests to check the distfiles as downloaded from the
> internet for integrity. See
> for
> details.

Well, I'll take the paranoid approach of OpenBSD over the `proactive
approach of NetBSD any day. We've had this for over 6 years:

revision 1.75
date: 1999/03/03 18:18:46;  author: espie;  state: Exp;  lines: +76 -28
Replace md5 checksum with a choice of sha1, rmd160, md5.
Upward compatible. 

Sorry guys, there's stuff you probably shouldn't brag too much about...