[Python-ideas] Using sha512 instead of md5 on python.org/downloads
Paul Moore
p.f.moore at gmail.com
Sun Dec 9 12:31:22 EST 2018
On Sun, 9 Dec 2018 at 15:13, Barry Scott <barry at barrys-emacs.org> wrote:
>
> On Windows 10 this works:
>
> c:Downloads> certutil -hashfile python-3.7.1-amd64.exe sha512
> SHA512 hash of python-3.7.1-amd64.exe:
> 7dec6362c402b38a9c29b85b204398d7d3fd19509f05279bf713a92abe5b485d4c0c4b175c4edb47f81fd800a599bc2283642a8f0c666edd9e971b5cedf18041
> CertUtil: -hashfile command completed successfully.
In Powershell, there's Get-FileHash python-3.7.1-amd64.exe -Algorithm
sha512. The default algorithm is SHA256. On Windows, it's surprisingly
often the case that things which traditionally fell under "Windows
users probably don't have a tool to do that" are available in
Powershell.
None of which is that relevant, the fact still remains that no matter
what algorithm is used, the hash only has limited value as a security
measure.
Paul
More information about the Python-ideas
mailing list