- From: Paul Gearon <pgearon@revelytix.com>
- Date: Fri, 30 Sep 2011 13:27:45 -0400
- To: Andy Seaborne <andy.seaborne@epimorphics.com>
- Cc: public-rdf-dawg@w3.org
On Thu, Sep 29, 2011 at 12:30 PM, Andy Seaborne <andy.seaborne@epimorphics.com> wrote: >> Also, I was advised against including MD5 -- as the earlier xmldsig >> advises -- because of known security problems with it. I guess the >> theory is that it's important to steer people away from technology that >> looks secure but isn't. (The counter-argument is that some people >> still use it. But maybe should let that be entirely on them.) > > Yes - it's not recommended for weak for SSL certificates or digital > signatures (hence xmldsig). > > MD5 has it's place as for error-checking: > > http://en.wikipedia.org/wiki/MD5#Applications For good or ill, I've run into it many times when working with MySQL systems. It would be valuable for integration purposes. Regards, Paul Gearon
Received on Friday, 30 September 2011 17:28:13 UTC