Should we settle on one SSL implementation?
Robert Relyea
rrelyea at redhat.com
Tue Oct 23 17:38:52 UTC 2007
Patrice Dumas wrote:
> On Tue, Oct 23, 2007 at 10:29:17AM -0700, Robert Relyea wrote:
>
>> If MD4 is one of the algorithms, We have a plan for that. MD4 is
>> fundamentally broken, has been for 10 years. There is only one legitimate
>> use of MD4 that I know of and that is support NTLM (Microsoft's old NT
>> authentication mechanism). In this case we need a common NTLM library that
>> all NTLM users call. Any other use of MD4 needs to be identified and
>>
>
> There is libntlm existing:
> http://josefsson.org/libntlm/
>
Thanks, We should take a look at it. At this point there are a number of
ntlm libraries, mostly imbedded in various applications (mozilla, samba,
etc.). This does have the advantage of being a separate package, though.
bob
> --
> Pat
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3420 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20071023/b18c2ae4/attachment.bin>
More information about the fedora-devel-list
mailing list