Menu
▾
▴
Re: [Exist-development] LGPL 2.1 and GPL 2 and all that crap
|
From: Dannes W. <da...@ex...> - 2012-02-06 19:06:37
|
Hi, On Monday, 6 February 2012 at 19:56 , Adam Retter wrote: > If I understand correctly, is that not just the implementation of the > algorithm? SHA-1 has been proven several times to have weaknesses and > each time its proven the feasibility of the attack has significantly > increased. In fact the US Government now recommends that government > departments use SHA-2 or better and not SHA-1. well we are not building a bank do we? > Yes there is SHA-2, however its 256bit whereas RIPEMD-160 is just 160bits. RIPEMD-160 should be faster (less computationally intensive) > than SHA-2 if I understand correctly, and in addition requires less > memory and storage for the digest. Like SHA-1, SHA-2 was also > developed in private in a proprietary way, unlike RIPEMD-160. I am sure that SHA-x is well optimized in the JDK……… In the 'proprietary' I do not really see an argument, sorry :-) It is the result that counts, SHA-x is good….. cheers Dannes -- eXist-db Native XML Database - http://exist-db.org Join us on linked-in: http://www.linkedin.com/groups?gid=35624 |
