On Sun, Jun 02, 2013 at 06:41:47PM +0200, Andreas Metzler wrote: > * Regarding SHA-1: > Quoting Nikos Mavrogiannopoulos in <http://bugs.debian.org/665766>: > "I'm not aware of weaknesses in SHA-1 when used with the HMAC > construction."
So maybe we should switch to HMAC-MD5, since it also doesn't have that weakness? I really see no good reason not to move to SHA-2. Kurt -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
