1996-07-01 - Re: rsync and md4 (my final comments)
Header Data
From: “David F. Ogren” <ogren@cris.com>
To: ogren@cris.com
Message Hash: 41f6e46ea847e88e7bce5f03ecef337766f52800deed9f78d4cb283dd2d89e31
Message ID: <199607011536.LAA26258@darius.cris.com>
Reply To: N/A
UTC Datetime: 1996-07-01 20:01:46 UTC
Raw Date: Tue, 2 Jul 1996 04:01:46 +0800
Raw message
From: "David F. Ogren" <ogren@cris.com>
Date: Tue, 2 Jul 1996 04:01:46 +0800
To: ogren@cris.com
Subject: Re: rsync and md4 (my final comments)
Message-ID: <199607011536.LAA26258@darius.cris.com>
MIME-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
>
> "David F. Ogren" writes:
> > I stand by my statements.
>
> Then you have lost all your reputation with me. If you don't even have
> the integrity to admit that you are wrong, you are obviously not a
> reasonable source of information.
>
At this point, I can see that we have agreed to disagree. Mr. Watt has
kindly quoted the exact text from Dobbertin, which I did not have handy.
Let the readers of this list decide for themselves in regards to the
security of MD5.
But I wanted to make two last comments before this thread (finally!) dies.
1. I think that you will agree that MD4 will work fine for Mr. Tridgell's
program, irregardless of your criticisms. He specifically stated that he
was not concerned about intentional collisions, only random ones.
2.
(quoted from Mr. Perry in an article entitled "MD5 breaks, etc.")
> checked. However, the result is widely known. MD5 is *not*
> something that should be trusted going forward, and I hope the next
> version of PGP uses SHA-1.
As I understand the current plans, PGP 3.0 _will_ incorporate a SHA option.
In fact, I believe that there may already be "bootleg" versions that
incorporate SHA.
- --
David F. Ogren |
ogren@concentric.net | "A man without religion is like a fish
PGP Key ID: 0x6458EB29 | without a bicycle"
- ------------------------------|----------------------------------------
Don't know what PGP is? | Need my public key? It's available
Send a message to me with the | by server or by sending me a message
subject GETPGPINFO | with the subject GETPGPKEY
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQEVAwUBMdfvtuSLhCBkWOspAQGkQwf5AQTJbqJ7YQOCSaLWK7qjn0Fr0AzF9Cyb
Bd2WJcHisQZ4WxwPy41SF3uUNXvgyES11rfvqa7SoqDU1QuO4N3I8PZ5+zrlwDpI
2Yb/wHyQ2jPtCVSWCmoyZfbw7a9086wWbg+N4IDuefPdgI+SqNiYmQnEsrh1+f9T
L2/gC6GLXFHtl68guYTGjI3XIgHcILWkqjuo19rzw+4NXAQ3kPxTaBLGcxuMYEPl
E5IbuKZ3mN4CZIDTSSctr78cthsr79KgW5NwlBW5AcCkU1XnhALVTN0vNEf2tILN
jl0BdVALNbkyFdTAE7/5z6pDcThgKR/68cRrTBTRFlq1WAadXAKV8w==
=drZ2
-----END PGP SIGNATURE-----
Thread
Return to July 1996
- Return to ““David F. Ogren” <ogren@cris.com>”
Return to ““Perry E. Metzger” <perry@piermont.com>”
- 1996-07-01 (Tue, 2 Jul 1996 04:01:46 +0800) - Re: rsync and md4 (my final comments) - “David F. Ogren” <ogren@cris.com>
- 1996-07-01 (Tue, 2 Jul 1996 06:07:38 +0800) - Re: rsync and md4 (my final comments) - “Perry E. Metzger” <perry@piermont.com>