[Top] [All Lists]

Re: Support for hash algorithms other than SHA-1

2005-06-27 13:51:55


I suggest that we start the update(s), and hope that the DSA situation gets sorted out before we are done. If not, let DSA remain as it is until it does get sorted out.

This is consistent with the "walk, do not run" approach to dealing with the one-way hash function issues.


At 04:28 PM 6/27/2005, Paul Hoffman wrote:
Unfortunately, I do not have a similar recommendation for DSA. SHA-1 still seems to be the only supported one-way hash function. I expect that to change soon, but it has not happened yet.

So....., what do we do? Update 3370 without changing DSA, then upgrade it again when the DSA change comes down? Wait for the DSA change?