Menu
▾
▴
Re: [Exist-development] LGPL 2.1 and GPL 2 and all that crap
|
From: Dannes W. <da...@ex...> - 2012-02-06 10:26:10
|
Hi Adam, On Mon, Feb 6, 2012 at 11:12 AM, Adam Retter <ad...@ex...> wrote: > I chose RIPEMD-160 over SHA because SHA is a closed proprietary algorithm > developed by the NSA, whereas RIPEMD is an open algorithm developed under > public scrutiny. Apart from the hash strength of SHA, its impossible to > reason about its security characteristics. > Thnx for the answer, but I don;t see your point. IMO SHA is the standard way of doing these things and is proven technology and is used everywhere. The choice of RIPEMD-160 looks to me as a "I don't trust the world' argument? In addition, another JAR file is added, I think we must be conservative doing this (new maintenance thingy). Why another jar if the JVM provides all we need? cheers Dannes -- eXist-db Native XML Database - http://exist-db.org Join us on linked-in: http://www.linkedin.com/groups?gid=35624 |
