Um, since we're not Fedora Project, just a private Forum for working with Fedora, you really want to address any changes to Bugzilla (check the Fedora Project link above for info
) the Project's request line. Meanwhile, sha256 is the method that Fedora now uses.
As to the hypothetical question involved, that really needs to be in Wibble, since it's really not about Fedora, just about the MD5 issue. I'll move it there.
BTW, from the FedoraProject site, here's their explanation on F14
Fedora does not publish MD5 or SHA1 hashes to verify images since they are not secure enough. Instead we have been using SHA256 since Fedora 11. In Linux, you can use sha256sum command (part of coreutils and installed by default) to verify the Fedora image