On Mon, 2005-10-10 at 20:02, Ron Teitelbaum wrote:
> and his suggestion is to move to SHA256 for the short term.   Just putting
> the word SHA1 in my documentation could be risky, even if it represents no
> risk at all.
http://www.venge.net/monotone/docs/Hash-Integrity.html#Hash-Integrity is
an attempt to reply to such attacks against a project for its use of
sha1 (do those p2p networks get roasted for their use of md4, too?).
it's aimed at an older attempt to discredit sha1 for non-crypto uses,
but it's still interesting and sufficiently detailed.


patrick mauritz