On 7/3/12 4:32 PM, PJ Eby wrote:
On Tue, Jul 3, 2012 at 8:48 AM, Jeroen Dekkers <jeroen@dekkers.ch> wrote:
And yes, attacks on md5 will only get better, so we should migrate to
better hashes in the future.

No, because that's not what the RECORD hashes are for.  It's not an intrusion detection system, it's an installer conflict and "oops I edited the wrong file" checker.

People who are upset because md5 is low security are correctly understanding that this system *provides no security*.  We are not promising ANY security, so *not* using a secure hash is actually preferable.  The goal is data integrity against accidental overwrite by dumb installer tools (e.g. distutils) and accidental edits, not security against malicious tampering.

Yeah I don't really understand this debate over md5 hashes here. I suggest that we emphasis in PEP 376 the fact that the sole purpose is to have a checksum.

Distutils-SIG maillist  -  Distutils-SIG@python.org