W3C home > Mailing lists > Public > public-rdf-dawg@w3.org > July to September 2011

Re: Proposal for hash functions in SPARQL 1.1

From: Paul Gearon <pgearon@revelytix.com>
Date: Fri, 30 Sep 2011 13:27:45 -0400
Message-ID: <CAOQ8B2Hp+vE=Wku7ujqNvtP7p-KV7_JBOTroV3mVVoD-KM1G2Q@mail.gmail.com>
To: Andy Seaborne <andy.seaborne@epimorphics.com>
Cc: public-rdf-dawg@w3.org
On Thu, Sep 29, 2011 at 12:30 PM, Andy Seaborne
<andy.seaborne@epimorphics.com> wrote:
>> Also, I was advised against including MD5 -- as the earlier xmldsig
>> advises -- because of known security problems with it.  I guess the
>> theory is that it's important to steer people away from technology that
>> looks secure but isn't.   (The counter-argument is that some people
>> still use it.  But maybe should let that be entirely on them.)
>
> Yes - it's not recommended for weak for SSL certificates or digital
> signatures (hence xmldsig).
>
> MD5 has it's place as for error-checking:
>
> http://en.wikipedia.org/wiki/MD5#Applications

For good or ill, I've run into it many times when working with MySQL
systems. It would be valuable for integration purposes.

Regards,
Paul Gearon
Received on Friday, 30 September 2011 17:28:13 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 16:15:46 GMT