peterwaher at hotmail.com
Thu Feb 23 14:19:36 UTC 2017
SHA-1 is used in many places throughout XMPP. Examples include authentication mechanisms (SCRAM-SHA-1) and entity capabilities (XEP-0115), for instance. Concerning the recent report about vulnerabilities found in SHA-1, should there be an effort to upgrade all these to SHA-256 or later?
A Super-Common Crypto Tool Turns Out to Be Super-Insecure<https://www.wired.com/2017/02/common-cryptographic-tool-turns-majorly-insecure/>
NIST has been warning about vulnerabilities in its SHA-1 cryptographic hash function for years, but some services still use it and the threats are growing.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Standards