[Python-Dev] Hash collision security issue (now public)
Guido van Rossum
guido at python.org
Mon Jan 2 19:29:29 CET 2012
On Mon, Jan 2, 2012 at 7:47 AM, Christian Heimes <lists at cheimes.de> wrote:
> Am 01.01.2012 19:45, schrieb Terry Reedy:
> > On 1/1/2012 10:13 AM, Guido van Rossum wrote:
> >> PS. Is the collision-generator used in the attack code open source?
> > As I posted before, Alexander Klink and Julian Wälde gave their project
> > email as hashDoS at alech.de. Since they indicated disappointment in not
> > hearing from Python, I presume they would welcome engagement.
> Somebody should contact Alexander and Julian to let them know, that we
> are working on the matter. It should be somebody "official" for the
> initial contact, too. I've included Guido (BDFL), Barry (their initial
> security contact) and MvL (most prominent German core dev) in CC, as
> they are the logical choice for me.
> I'm willing to have a phone call with them once the contact has been
> established. IMHO it's slightly easier to talk in native tongue --
> Alexander and Julian are German, too.
I'm not sure I see the point -- just give them a link to the python-dev
--Guido van Rossum (python.org/~guido)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Python-Dev