[PATCH] libmd: Use alternative MD5 implementation
Cynthia Rempel
cynt6007 at vandals.uidaho.edu
Mon Dec 17 04:20:32 UTC 2012
Hi Sebastian and Ralf,
I don't really have an opinion, but for what it's worth md5 isn't considered secure...
http://en.wikipedia.org/wiki/MD5#Security
http://www.openssl.org/docs/crypto/md5.html
Although many legacy applications do require it for compatibility...
Thanks
________________________________________
From: rtems-devel-bounces at rtems.org [rtems-devel-bounces at rtems.org] on behalf of Ralf Corsepius [ralf.corsepius at rtems.org]
Sent: Sunday, December 16, 2012 8:06 PM
To: Sebastian Huber
Cc: rtems-devel at rtems.org
Subject: Re: [PATCH] libmd: Use alternative MD5 implementation
On 12/16/2012 06:09 PM, Sebastian Huber wrote:
> This implementation has less license restrictions.
The issue with md5 is not licenses, it's security and portability.
That said, your proposal to me qualifies as replacing a widely used and
heavily tested version with one from the zoo of exotic versions that are
floating around.
That said, unless you can provide evidence of the version you are
proposing has a history of being used for many years in major OSes or
applications, I am very opposed to letting this code in.
Ralf
_______________________________________________
rtems-devel mailing list
rtems-devel at rtems.org
http://www.rtems.org/mailman/listinfo/rtems-devel
More information about the devel
mailing list