How does Nginx look-up cached resource?

Maxim Dounin mdounin at
Fri Sep 4 19:43:51 UTC 2015


On Fri, Sep 04, 2015 at 08:56:23PM +0200, Sergey Brester wrote:

> On 04.09.2015 20:10, Maxim Dounin wrote:
> >For sure this is something that can be done. The question remains
> >though: how often collisions are observed in practice, is it make
> >sense to do anything additional to protect from collisions and
> >spend resources on it? Even considering only md5, without the
> >crc32 check, no practical cases were reported so far.
> What?
> That SHOULD be done! Once is already too much!

No one yet happened.  And likely won't ever happen, as md5 is a 
good hash function 128 bits wide, and it took many years to find 
even a single collision of md5.  And even if it'll happen, we have 
crc32 check in place to protect us.

Maxim Dounin

More information about the nginx-devel mailing list