On 2009-Jan-03 22:45:59 +0100, "O. Hartmann" <[email protected]> wrote: >Well, I never digged deep enough into the source code to reveal the >magic and truth, so I will ask here for some help.
The relevant algorithms and their names are embedded in src/lib/libcrypt/crypt.c > Is it possible to >change the md5-algorithm by default towards sha1 as recommended after >the md5-collisions has been published? Note that both MD5 and SHA1 are broken in the cryprographic sense. As various people have noted, the known breaks do not impact on MD5 password hashes. -- Peter Jeremy Please excuse any delays as the result of my ISP's inability to implement an MTA that is either RFC2821-compliant or matches their claimed behaviour.
pgpUxGCxgdE1M.pgp
Description: PGP signature
