Am Donnerstag, 21. September 2006 16:49 schrieb Vlastimil Babka:
> Although the "more secure than MD5" part is now questionable, I suppose
> the "directly available in python" part still holds?

From "What's new in python 2.5"

13.3 The hashlib package 
 A new hashlib module, written by Gregory P. Smith, has been added to replace 
the md5 and sha modules. hashlib adds support for additional secure hashes 
(SHA-224, SHA-256, SHA-384, and SHA-512). When available, the module uses 
OpenSSL for fast platform optimized implementations of algorithms. 
 The old md5 and sha modules still exist as wrappers around hashlib to 
preserve backwards compatibility. The new module's interface is very close to 
that of the old modules, but not identical. The most significant difference 
is that the constructor functions for creating new hashing objects are named 
differently.


I think sha256/512 is the only thing that makes sense at the moment, as it 
most probably will stay secure for quite a while and we don't have real 
alternatives. So imho use sha256, get rid of everything else, because that 
rarely improves security, and wait for the nist to define something new 
(which will happen, but probably take some years from now).

cu,

Hanno