Message176808
Why not redefine -R to mean "use secure hashing algorithms for built-in types"?
When specified, use hashing algorithms that are secure against denial-of-service and other known attacks, at the possible expense of performance. When not specified, use whatever hashing algorithms provide the most sensible defaults for every-day use (basically hash the way python currently hashes).
Secure hashing would apply not just to strings but to numeric and other types as well. This would break the invariant of `x == y implies hash(x) == hash(y)` for numeric types that Mark mentioned. However, that seems like an implementation detail that python users shouldn't rely upon. |
|
Date |
User |
Action |
Args |
2012-12-02 20:47:31 | Bob.Ziuchkovski | set | recipients:
+ Bob.Ziuchkovski, lemburg, arigo, gregory.p.smith, mark.dickinson, vstinner, christian.heimes, benjamin.peterson, Arfrever, alex, cvrebert, dmalcolm, Giovanni.Bajo, PaulMcMillan, serhiy.storchaka, Vlado.Boza, koniiiik, sbermeister, camara, Łukasz.Rekucki, ReneSac |
2012-12-02 20:47:31 | Bob.Ziuchkovski | set | messageid: <1354481251.18.0.190611799123.issue14621@psf.upfronthosting.co.za> |
2012-12-02 20:47:31 | Bob.Ziuchkovski | link | issue14621 messages |
2012-12-02 20:47:30 | Bob.Ziuchkovski | create | |
|