[emmelaich]

There was a case in Australia 10 or so years back, where MD5 sums were added to police speed camera photos. This was before MD5 vulnerabilities were well known.

The defence successfully argued that MD5 was not totally reliable -- even though the chance of it being faked was absolutely tiny.

The real irony was that without the MD5, the photos would probably have been accepted just on the police assertion of chain of custody.

(I've been looking for this news story but unfortunately I can't find it at the moment)

[edit- found it] https://www.schneier.com/blog/archives/2005/08/the_md5_defen...

In fact the MD5 was known to be vulnerable - maybe. But it's still the case that adding MD5 made it less trustworthy!

[miunau]

Thanks for the link- exactly the sort of thing that I was looking for in feedback. I'm aware it's conjecture, but do you think this sort of precedence would be useful in airing doubts about the trustworthiness of an Ed25519 signature in court? Do you think the wording on the site is problematic in regards to this, or would you have any thoughts on how concerns about this would be best communicated?