SHA1 vs crypto doc
hmurray at megapathdsl.net
Fri Jan 5 18:30:06 UTC 2018
> What could we say, other than: "Both MD5 and SHA-1 have been compromised.
> Don't trust either of the alternatives we actually support." :-)
We support anything OpenSSL supports. It's just that ntpkeygen and all the
documentation hides it.
>From man dgst on Fedora:
openssl-dgst, dgst, sha, sha1, mdc2, ripemd160, sha224, sha256, sha384,
sha512, md4, md5, blake2b, blake2s - message digests
One of those must be good enough.
Looks like the shannn are blessed by FIPS 180-4
I'll update the doc to mention them.
These are my opinions. I hate spam.
More information about the devel