Re: [arch-dev-public] Can we trust our mirrors?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Gerhard Brauer schrieb:

For myself i don't accept the "md5sum is bad" argument as a "stopper"
for each idea to provide a pacman secure concept ;-)


I wasn't going to stop you. Signed db files are an important first step.
My point is that it was often suggested to move from md5 to something more secure. This suggestion was always rejected because we never used md5 for security. If we are going to implement your suggestion (and I vote that we do), we should really consider a better hash!

Attachment: signature.asc
Description: OpenPGP digital signature

[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]
  Powered by Linux