First page Back Continue Last page Overview Graphics
- Confused Crypto
- Uses MD5, which has not been recommended since 1996 and has recently been completely broken
- Signatures only sign patches, not complete revisions. This requires a complete chain of trust, which tla does not enforce.
- Development tends to stall. For example, there have been patches to use SHA-1 for over a year, but they have not been integrated into an official release.