MD5 considered harmful today, SHA-1 considered harmful tomorrow
James A. Donald
jamesd at echeque.com
Sun Jan 11 18:29:04 EST 2009
Victor Duchovni wrote:
> There is a huge install-base of systems on which SHA-2
> certs will failed SSL handshakes. When Windows XP
> systems are <1% of the install-base, when OpenSSL
> 0.9.8 is <1% of the install-base and 0.9.9 too (if the
> support is not added before it goes official)
It is now 2009. SHA-1 came under attack in 2005. That
SHA-1 has been attacked, and SHA-2 not attacked, was
evidence for the strength of SHA-2.
Why did OpenSSL not support SHA-2 in 2006? Institutional
paralysis? Protocol negotiation issues? Protocol
negotiation issues that involved vested interests
resulting in institutional paralysis?
We cannot know why Microsoft acted as it acted, but if
OpenSSL is open, we should be able to know why OpenSSL
did even worse than Microsoft.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list