sha1sum

[Rahul Sundaram]

Kenneth Porter wrote:

> --On Saturday, June 11, 2005 7:57 PM -0400 Tony Nelson 
> <tonynelson at georgeanelson.com> wrote:
>
>>> http://lists.gnupg.org/pipermail/gnupg-ru/2004-December/000158.html
>>
>>
>> Given the extent of the discovered weakness and the likelyhood that 
>> people
>> won't be installing this release more than a few years down the road, 
>> this
>> seems to me to be an overreaction.  Ah, well.  Hopefully it is known 
>> that
>> SHA1 is truely more secure than MD5, rather than just that there have 
>> been
>> no alarming reports yet.
>
>
> Since Fedora is supposed to be bleeding edge and the place to try new 
> technologies, this lets this mechanism get tested by those willing to 
> take the risk, before it gets deployed to the more conservative products.

If we are talking about risks,  note that sha1sum is potentially *less* 
riskier than md5sum. Fedora is anything but conservative though
regards
Rahul