[issue4858] Deprecation of MD5

Guido van Rossum added the comment: For the record, I'm with Martin -- there are many existing uses that we can't just legislate away. -- nosy: +gvanrossum ___ Python tracker ___

[issue4858] Deprecation of MD5

Martin v. Löwis added the comment: > I propose and strongly suggest to start deprecate direct support for MD5 > during this year and completly remove support for it afterwards. -1. Stopping usage of md5 should be the user's choice, not Python's. > * MD5 is a cryptographic hash function, it's

[issue4858] Deprecation of MD5

Marc-Andre Lemburg added the comment: On 2009-01-06 23:10, Lukas Lueg wrote: > Lukas Lueg added the comment: > >> It might be a good idea to remove the word "secure" from the >> hashlib documentation, since security of these algorithms is >> always limited to a certain period of time. > > I'm

[issue4858] Deprecation of MD5

Raymond Hettinger added the comment: Secure hash or cryptographic hash is the correct term and I think we should leave that in, if only to make the original intent clear and to make them easier to search for. I propose adding a sentence to the first paragraph noting that the level of security v

[issue4858] Deprecation of MD5

Lukas Lueg added the comment: > It might be a good idea to remove the word "secure" from the > hashlib documentation, since security of these algorithms is > always limited to a certain period of time. I'm sorry, was that a boy attempted humor ? [Misuse quote from DH3: Check] Anyway, in fact t

[issue4858] Deprecation of MD5

Marc-Andre Lemburg added the comment: On 2009-01-06 22:42, Lukas Lueg wrote: > Lukas Lueg added the comment: > > As I already said to Raymond: At least we should update the > documentation. The "FAQ" currently linked is from 2005. > > The CERT-Advisory from provides a clean and simple language

[issue4858] Deprecation of MD5

Lukas Lueg added the comment: As I already said to Raymond: At least we should update the documentation. The "FAQ" currently linked is from 2005. The CERT-Advisory from provides a clean and simple language: "In 2008, researchers demonstrated the practical vulnerability [...] We are currently un

[issue4858] Deprecation of MD5

Gregory P. Smith added the comment: The hashlib docs already mention the problems with md5 et al via a bright red: "Warning Some algorithms have known hash collision weaknesses, see the FAQ at the end." thanks for closing this. not gonna happen. -- nosy: +gregory.p.smith __

[issue4858] Deprecation of MD5

Raymond Hettinger added the comment: Because MD5 is used widely, Python needs to support it, if only to be able to verify MD5 signatures when offered. -- nosy: +rhettinger resolution: -> rejected status: open -> closed ___ Python tracker

[issue4858] Deprecation of MD5

Marc-Andre Lemburg added the comment: On 2009-01-06 21:06, Lukas Lueg wrote: > MD5 is one of the most popular cryptographic hash-functions around, > mainly for it's good performance and availability throughout > applications and libraries. The MD5 algorithm is currently implemented > in python a

[issue4858] Deprecation of MD5

New submission from Lukas Lueg : MD5 is one of the most popular cryptographic hash-functions around, mainly for it's good performance and availability throughout applications and libraries. The MD5 algorithm is currently implemented in python as part of the hashlib-module and (in more general ter