Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enable the configuring of the Message Digest used #69

Merged
merged 1 commit into from Oct 17, 2015
Merged

Enable the configuring of the Message Digest used #69

merged 1 commit into from Oct 17, 2015

Conversation

itwasntandy
Copy link
Contributor

Noticed during testing that certificates are created using sha1
message digest.
This is fine when testing, but sha1 has been demonstrated to be weak

  • see http://blog.chromium.org/2014/09/gradually-sunsetting-sha-1.html

It seems sensible to enable the specifying of message digest algorithm
so that users can opt to use sha256 or stronger.

Noticed during testing that certificates are created using sha1
message digest.
This is fine when testing, but sha1 has been demonstrated to be weak
- see `http://blog.chromium.org/2014/09/gradually-sunsetting-sha-1.html`

It seems sensible to enable the specifying of message digest algorithm
so that users can opt to use `sha256` or stronger.
@flaccid flaccid self-assigned this Oct 17, 2015
@flaccid flaccid added this to the v3 milestone Oct 17, 2015
flaccid added a commit that referenced this pull request Oct 17, 2015
Enable the configuring of the Message Digest used
@flaccid flaccid merged commit b72f2f4 into sous-chefs:master Oct 17, 2015
@flaccid
Copy link
Contributor

flaccid commented Oct 17, 2015

@itwasntandy fantastic idea, thank you!

@ascendantlogic
Copy link

I know this has been merged, but doesn't it make sense to default to the more secure digest algo?

@flaccid
Copy link
Contributor

flaccid commented Feb 21, 2016

@ascendantlogic that is done now; tested ok for me.

@lock
Copy link

lock bot commented Jul 24, 2018

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@lock lock bot locked as resolved and limited conversation to collaborators Jul 24, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants