How does Nginx look-up cached resource?
Maxim Dounin
mdounin at mdounin.ru
Fri Sep 4 19:43:51 UTC 2015
Hello!
On Fri, Sep 04, 2015 at 08:56:23PM +0200, Sergey Brester wrote:
> On 04.09.2015 20:10, Maxim Dounin wrote:
>
> >For sure this is something that can be done. The question remains
> >though: how often collisions are observed in practice, is it make
> >sense to do anything additional to protect from collisions and
> >spend resources on it? Even considering only md5, without the
> >crc32 check, no practical cases were reported so far.
>
> What?
> That SHOULD be done! Once is already too much!
No one yet happened. And likely won't ever happen, as md5 is a
good hash function 128 bits wide, and it took many years to find
even a single collision of md5. And even if it'll happen, we have
crc32 check in place to protect us.
--
Maxim Dounin
http://nginx.org/
More information about the nginx-devel
mailing list