SHA384 is a truncated version of SHA512. But why would anyone use it? And corollary: if SHA384 is just as good as SHA512, is there any rationale in using the 512 bit version?
I am planning to use one of the algorithms to verify file integrity, so I am mainly interested in colision security.
I would be happy to hear how anyone uses the SHA2 digests in practice and why would you chose one version over the other.
For practical purposes and the foreseeable future, both SHA384 and SHA512 are good enough for almost any imaginable collision-resistance application. Generally, the primary determining factor of what hash you would use, once we're above 256 bits and collision resistance is infinite for practical purposes, is just how many bits of output you need. For example, if you need the hash to generate both a 256-bit HMAC key and a 128-bit encryption key, SHA384 is a natural choice. If you need as much output as possible for the computational cost, say for output of a PRNG or as random padding, then SHA512 makes sense.