From: David MENTRE <dmentre@linux-france.org>
To: Gerd Stolpmann <info@gerd-stolpmann.de>
Cc: "Richard W.M. Jones" <rich@annexia.org>, caml users <caml-list@inria.fr>
Subject: Re: [Caml-list] Hardening [Perl's] hash function further
Date: Tue, 19 Nov 2013 08:53:23 +0100 [thread overview]
Message-ID: <CAC3Lx=ZrsHau9NicrwTjz-Lt7R5ysdrh4S3KVMOc1vZAAhJpvA@mail.gmail.com> (raw)
In-Reply-To: <1384819720.4083.57.camel@zotac>
Hello,
2013/11/19 Gerd Stolpmann <info@gerd-stolpmann.de>:
> This article is more or less discussing cryptoattacks on an insecure
> hash function, and the new versions of the functions are only "better"
> but in no way safe (which you only get with crypto hashes or
> dictionaries that don't allow collisions).
Which in turn raises the question: Who has the responsibility to
implement such hashes that can be exposed to the Internet: OCaml
standard library or dedicated frameworks like OCamlNet or Ocsigen? In
other words, shouldn't we keep simple hashes in the OCaml standard
library (for people making regular programs) and let people making web
applications chose the proper crypto hash in a specialized library?
Best regards,
david
next prev parent reply other threads:[~2013-11-19 7:53 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-11-18 20:44 Richard W.M. Jones
2013-11-19 0:08 ` Gerd Stolpmann
2013-11-19 7:53 ` David MENTRE [this message]
2013-11-19 8:50 ` Richard W.M. Jones
2013-11-19 9:14 ` Gabriel Scherer
2013-11-19 11:19 ` Dario Teixeira
2013-11-19 12:55 ` rixed
2013-11-19 22:18 ` Nicolas Braud-Santoni
2013-11-19 22:39 ` Eric Cooper
2013-11-19 22:55 ` Nicolas Braud-Santoni
2013-11-25 13:46 ` Goswin von Brederlow
2013-11-19 22:31 ` Nicolas Braud-Santoni
2013-11-20 18:56 ` Florian Weimer
2013-11-20 21:47 ` Gerd Stolpmann
2013-11-25 13:51 ` Goswin von Brederlow
2013-11-25 14:43 ` Yaron Minsky
2013-11-19 22:15 ` Nicolas Braud-Santoni
2013-11-25 13:38 ` Goswin von Brederlow
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAC3Lx=ZrsHau9NicrwTjz-Lt7R5ysdrh4S3KVMOc1vZAAhJpvA@mail.gmail.com' \
--to=dmentre@linux-france.org \
--cc=caml-list@inria.fr \
--cc=info@gerd-stolpmann.de \
--cc=rich@annexia.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).