From 53a42470604e3db6e2f0552eb3481fa64a853458 Mon Sep 17 00:00:00 2001 From: Stefan Kangas Date: Mon, 16 Sep 2019 10:45:14 +0200 Subject: [PATCH] Recommend against SHA-1 for security-related applications * doc/lispref/text.texi (Checksum/Hash): Clarify that SHA-1 is not collision resistant. --- doc/lispref/text.texi | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/doc/lispref/text.texi b/doc/lispref/text.texi index 7ce54f59c6..949797c3ef 100644 --- a/doc/lispref/text.texi +++ b/doc/lispref/text.texi @@ -4710,12 +4710,12 @@ Checksum/Hash SHA-1, SHA-2, SHA-224, SHA-256, SHA-384 and SHA-512. MD5 is the oldest of these algorithms, and is commonly used in @dfn{message digests} to check the integrity of messages transmitted over a -network. MD5 is not collision resistant (i.e., it is possible to -deliberately design different pieces of data which have the same MD5 -hash), so you should not used it for anything security-related. A -similar theoretical weakness also exists in SHA-1. Therefore, for -security-related applications you should use the other hash types, -such as SHA-2. +network. MD5 and SHA-1 are not collision resistant (i.e., it is +possible to deliberately design different pieces of data which have +the same MD5 or SHA-1 hash), so you should not use them for anything +security-related. For security-related applications you should use +the other hash types, such as SHA-2 (@code{sha224}, @code{sha256}, +@code{sha384} or @code{sha512}). @defun secure-hash-algorithms This function returns a list of symbols representing algorithms that -- 2.20.1
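Review bot: The unchanged context line at the top of the hunk still lists "SHA-1, SHA-2, SHA-224, SHA-256, SHA-384 and SHA-512", which presents SHA-2 as an algorithm alongside the others, while the new closing sentence treats SHA-2 as the family made up of `sha224`, `sha256`, `sha384` and `sha512`. A reader sees both within the same paragraph, so the list should be brought in line with the new wording, for example by dropping the bare "SHA-2" entry or by writing "the SHA-2 family (SHA-224, SHA-256, SHA-384 and SHA-512)". A smaller style point in the added lines: "anything security-related" is followed immediately by "For security-related applications", so the two sentences could be merged into one, such as "so for anything security-related you should use the other hash types, such as SHA-2 (...)".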