Dict when defining not returning multi value key error
Marko Rauhamaa
marko at pacujo.net
Sat Aug 2 02:41:44 EDT 2014
Chris Angelico <rosuav at gmail.com>:
> On Sat, Aug 2, 2014 at 7:42 AM, Terry Reedy <tjreedy at udel.edu> wrote:
>> For mercurial, with no treat model, a 160 bit hash is used. Internet
>> applications need more bits and carefully vetted algorithms to
>> hopefully make the actual principle true.
>
> Ditto git, which also has no threat model.
I don't know why you way hg and git have no threat models. A great deal
of damage could be inflicted if you could sneak malicious edits into
version control systems without altering the hash.
Important systems absolutely rely on the fact that the hashes can be
used for identification. They are not just checksums. They are not
double-checked with bit-to-bit comparisons of the actual data.
Marko
More information about the Python-list
mailing list