Should we settle on one SSL implementation?
Bruno Wolff III
bruno at wolff.to
Fri Oct 26 15:20:47 UTC 2007
On Wed, Oct 24, 2007 at 14:32:59 -0400,
Bernardo Innocenti <bernie at codewiz.org> wrote:
>
> Uh? I wasn't aware SHA1 has been broken (at least, not in
> a practically exploitable way).
Schneier has written some blog entries related to sha1 and the process for
getting a new has standard.
http://www.schneier.com/blog/archives/2005/08/new_cryptanalyt.html
http://www.schneier.com/blog/archives/2005/10/nist_hash_works_2.html
http://www.schneier.com/blog/archives/2006/09/notes_from_the.html
More information about the fedora-devel-list
mailing list