Closed Translator712 closed 9 months ago
imho it is a security risk to publish the full checksum of the used pad.
normaly it is enough to check the last 5-10 chars of it. I have never seen two nearly similar md5sums for example. Could you change it?
Closing as per https://code.librehq.com/kfogel/onetime/-/issues/29#note_7056 .
imho it is a security risk to publish the full checksum of the used pad.
normaly it is enough to check the last 5-10 chars of it. I have never seen two nearly similar md5sums for example. Could you change it?