|
|
|
|
|
|
by kbolino
387 days ago
|
|
|
If this were true, then wouldn't MD5 have been the better choice? Also, SHA-1's preimage resistance (which still isn't broken) is necessary for the security of signed commits, regardless of the hash function used for the signature itself, since a commit object references its tree and predecessor commit by their SHA-1 hashes. |
|
|