SHA1 vs crypto doc
Hal Murray
hmurray at megapathdsl.net
Fri Jan 5 18:30:06 UTC 2018
Eric said:
> What could we say, other than: "Both MD5 and SHA-1 have been compromised.
> Don't trust either of the alternatives we actually support." :-)
We support anything OpenSSL supports. It's just that ntpkeygen and all the
documentation hides it.
>From man dgst on Fedora:
openssl-dgst, dgst, sha, sha1, mdc2, ripemd160, sha224, sha256, sha384,
sha512, md4, md5, blake2b, blake2s - message digests
One of those must be good enough.
-----------
https://csrc.nist.gov/Projects/Hash-Functions
Looks like the shannn are blessed by FIPS 180-4
I'll update the doc to mention them.
--
These are my opinions. I hate spam.
More information about the devel
mailing list