[zeromq-dev] Proposal for ZeroMQ certificate format

shancat shannenlaptop at gmail.com
Wed Oct 16 15:55:55 CEST 2013


What I said but in nicer words :) I think the question is whether truncated
SHA512 has a potential to be easily collided? Integrity is desirable in
this case (I think) because we want integrity of the certificate.
On Oct 17, 2013 12:48 AM, "Laurent Alebarde" <l.alebarde at free.fr> wrote:

>  As far as I know, Git does not deal with security but integrity. SHA-1
> is used there, as a hash only instead of file names, to allow for file
> renames & moves with respect to a similarity index.
>
> The fair hypothesis is that in the same repository, the chance of
> collision are too low to be considered.
>
> In our concern, CURVE, we don't share the same specifications and needs.
>
> Le 16/10/2013 15:40, shancat a écrit :
>
> 2 needs to be analysed a bit more. I think Git does something very similar
> but in that case it's probably to guard against repo corruption not
> determined attackers.
>
>
>
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20131017/afaf7e22/attachment.htm>


More information about the zeromq-dev mailing list