Hi,

Kevin Kofler via devel <devel@xxxxxxxxxxxxxxxxxxxxxxx> wrote:

> I think we need a REALLY_LEGACY that continues allowing MD5 and the like.

According to https://github.com/corkami/collisions#chosen-prefix-collisions, a chosen-prefix collision on MD5 took 72 hours to compute in 2009. 13 years later, you really should treat anything that still uses MD5 as if it was completely unsigned. I’m almost tempted to invest some CPU/GPU time to compute an MD5 hash collision of your message to prove the point.

I don’t believe this would be in the best interest of our users. Setting a crypto-policy to REALLY_LEGACY would basically mean “I don’t care about encryption”. In these cases, why not just use plain HTTP, or other unencrypted protocols instead?

-- 
Clemens Lang
RHEL Crypto Team
Red Hat