[saag] status of SSL vs SHA-1/MD-5, etc.?
Ben Laurie
ben at algroup.co.uk
Sun Oct 16 12:07:22 EDT 2005
Steven M. Bellovin wrote:
> As Eric Rescorla and I showed, though, none of the network protocols
> are ready for deployment of a new hash function. That is, newer
> versions of OpenSSL support may SHA-256, but there's no way to
> negotiate such usage if you don't know the status of the system to
> which you're talking.
None of the ones you looked at you mean - your survey wasn't comprehensive.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list