[Python-ideas] Using sha512 instead of md5 on python.org/downloads
Miro Hrončok
mhroncok at redhat.com
Fri Dec 7 03:53:04 EST 2018
Hi,
I see md5 checksums at a release download page such as [1].
My idea is to switch to sha512 for a more reliable outcome.
I'm no security expert, but AFAK md5 is generally believed to be unsafe,
as it was repeatedly proven it can be vulnerable [2].
[1] https://www.python.org/downloads/release/python-371/
[2] https://en.wikipedia.org/wiki/MD5#Security
--
Miro Hrončok
--
Phone: +420777974800
IRC: mhroncok
More information about the Python-ideas
mailing list