[Python-ideas] Using sha512 instead of md5 on python.org/downloads

Steven D'Aprano steve at pearwood.info
Fri Dec 7 18:38:06 EST 2018

On Fri, Dec 07, 2018 at 01:25:19PM -0800, Nathaniel Smith wrote:

> For this specific purpose, md5 is just as good as a proper hash. But all
> else being equal, it would still be better to use a proper hash, just so
> people don't have to go through the whole security analysis to check that.

I don't understand what you are trying to say here about "the whole 
security analysis" to check "that". What security analysis, and 
what is "that"?

It seems to me that moving to a cryptographically-secure hash would give 
many people a false sense of security, that just because the hash 
matched, the download was not only not corrupted, but not compromised as 
well. For those two purposes:

- testing for accidental corruption;
- testing for deliberate compromise;

md5 and sha512 are precisely equivalent: both are sufficient for the 
first, and useless for the second. But a crypto-hash can give a false 
sense of security. The original post in this thread is evidence of that.

As such, I don't think we should move to anything stronger than md5.
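
The two purposes listed in the message above, as an added example that is not part of the original post: a digest served on the same page as the file is checked against accidental corruption and against a replacement of file and digest together, for md5 and sha512 alike. The sample bytes are constructed, and the "pinned" digest recorded through a separate channel is an assumption of this example, not something the post proposes.

```python
import hashlib
import hmac

# Constructed sample data standing in for a release file and a tampered replacement.
RELEASE = b"constructed installer bytes " * 64
TAMPERED = RELEASE + b"constructed extra payload"


def digest(algo: str, data: bytes) -> str:
    return hashlib.new(algo, data).hexdigest()


def publish(data: bytes, algo: str) -> dict:
    """Model a download page that serves a file and its digest side by side."""
    return {"file": data, "algo": algo, "digest": digest(algo, data)}


def matches(page: dict, expected: str) -> bool:
    """Hash the downloaded file and compare it with an expected digest."""
    actual = digest(page["algo"], page["file"])
    return hmac.compare_digest(actual, expected)


def corrupted(page: dict) -> dict:
    """Accidental corruption: one bit of the file flips, the page digest is intact."""
    data = bytearray(page["file"])
    data[10] ^= 0x01
    return {**page, "file": bytes(data)}


def replaced(page: dict, new_data: bytes) -> dict:
    """Deliberate compromise of the page: file and digest are replaced together."""
    return publish(new_data, page["algo"])


def run_checks() -> dict:
    results = {}
    for algo in ("md5", "sha512"):
        good = publish(RELEASE, algo)
        pinned = good["digest"]  # assumption: recorded out of band beforehand
        bad = replaced(good, TAMPERED)
        results[algo] = {
            "clean_passes": matches(good, good["digest"]),
            "corruption_caught": not matches(corrupted(good), good["digest"]),
            "replacement_passes_page_check": matches(bad, bad["digest"]),
            "replacement_caught_by_pinned": not matches(bad, pinned),
        }
    return results
```

Calling `run_checks()` returns the same four outcomes for both algorithms; only the comparison against the separately held digest flags the replaced file.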


