[Standards] SHA-1 use in XMPP
dave at cridland.net
Fri Jun 16 11:25:59 UTC 2017
Since SHA-1 is considered on the way out, now, it'd be useful to
catalogue where it is currently in use, what danger it poses, and what
options we have for replacing it - both in terms of protocol
considerations and practical concerns of deployments.
The current status of SHA-1 is essentially that is is likely to be
crackable soon, but only in terms of a long-term effort. So a use of
SHA-1 where the attacker would have to preimage/collide it rapidly are
less of an issue than cases where an attacker could spend a couple of
months over it.
As an example:
SCRAM-SHA-1 is our current MTI SASL mechanism. It is used to hash
long-term credentials. Replacing it would rely on SASL mechanism
agility; existing client implementations likely rely on it as the MTI
What else do we have?
More information about the Standards