Nils Maier wrote:
> But that was never my point anyway (I talked about collisions)... And
> does not make md5 less broken than I claimed and researchers found it was.

MD5 is not "broken" or "not broken" - it depends on your particular application. In this case, the attacker would need to generate a valid yet trojaned XPI for the same hash. This is much harder to do than the limited attacks which have succeeded so far.

I entirely agree that if Link Fingerprints were used as part of the solution here (which it seems they aren't needed for anyway), then sha256 should be used. There's no reason not to.

Gerv
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto