On Thu, Jan 1, 2009 at 9:56 AM, Sam Morris <[email protected]> wrote:
> Maybe in a few years, NSS will have disabled the use of MD5 and the
> ancient MD2 algorithm. I wonder how many other insecure algorithms are
> still lurking in NSS, OpenSSL, GNU TLS, Java, etc...
Having programmed with OpenSSL a fair amount, I can say that the problem
isn't that the library has older algorithms in it. That's needed for
legacy compatibility. When initializing the library's engine, or for a
specific connection, you specify the acceptable algorithms, so a
particular application can reject MD2 or MD5 entirely.

For the openssl binary, it's a question of how it's configured at
compile- and run-time. The default at least is to use SHA-1. More
worrisome is that RSA keys are generated with only 512-bit moduli by
default, but that may be a holdover from US export regulations.

--
Michael A. Marsh
http://www.umiacs.umd.edu/~mmarsh
http://mamarsh.blogspot.com
http://36pints.blogspot.com
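As an added illustration of the point made above (this is example code written for this page, not code from the thread or from OpenSSL itself): an application sitting on top of OpenSSL can refuse MD5 and other legacy algorithms per context or per connection without the library removing them. Python's standard `ssl` module is a thin wrapper over libssl, so the cipher-string syntax below is OpenSSL's own. The digest policy (`LEGACY_DIGESTS`, `digest`) and the cipher string chosen are assumptions made for the example, not a policy the e-mail prescribes.

```python
"""Application-level algorithm policy on top of OpenSSL (via Python's ssl/hashlib).

Added example for this page; not code from the original thread.
"""
import hashlib
import ssl

# Assumption for the example: digests the application treats as legacy-only.
# hashlib may not even expose md2 on modern OpenSSL builds; it is listed so
# that a request for it is refused by policy rather than by accident.
LEGACY_DIGESTS = {"md2", "md4", "md5"}

# OpenSSL cipher-string syntax. HIGH keeps strong suites; the '!' entries are
# hard exclusions that later rules cannot re-enable: anonymous/NULL key
# exchange, NULL encryption, anything using MD5 for its MAC, RC4 and 3DES.
HARDENED_CIPHER_STRING = "HIGH:!aNULL:!eNULL:!MD5:!RC4:!3DES"


def make_hardened_context(purpose=ssl.Purpose.SERVER_AUTH):
    """Build an SSLContext that rejects MD5-based and other weak suites."""
    ctx = ssl.create_default_context(purpose)
    # Per-context (and therefore per-connection) algorithm selection: this is
    # the knob the e-mail refers to. The library still contains MD5; this
    # application simply never negotiates it.
    ctx.set_ciphers(HARDENED_CIPHER_STRING)
    # Old protocol versions are where legacy MACs and export-grade key sizes
    # were actually used; refuse to speak them at all.
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def weak_ciphers_remaining(ctx):
    """Return the names of any MD5/RC4/DES suites still enabled on ctx.

    Used as a self-check: an empty list means the policy took effect.
    """
    bad_markers = ("MD5", "RC4", "DES")
    return [
        c["name"]
        for c in ctx.get_ciphers()
        if any(marker in c["name"] for marker in bad_markers)
    ]


def digest(name, data, allow_legacy=False):
    """Hash `data` with `name`, refusing legacy digests unless explicitly allowed.

    The library still implements MD5; this function is where the application
    decides that MD5 is only acceptable for a deliberately opted-in legacy path.
    """
    name = name.lower()
    if name in LEGACY_DIGESTS and not allow_legacy:
        raise ValueError(f"digest {name!r} is disabled by application policy")
    h = hashlib.new(name)
    h.update(data)
    return h.hexdigest()


if __name__ == "__main__":
    ctx = make_hardened_context()
    print("weak suites still enabled:", weak_ciphers_remaining(ctx))
    print("sha256(abc) =", digest("sha256", b"abc"))
    try:
        digest("md5", b"abc")
    except ValueError as exc:
        print("md5 refused:", exc)
    print("md5 allowed for legacy path:", digest("md5", b"abc", allow_legacy=True))
```

The `weak_ciphers_remaining` check is worth keeping in an application's startup path: cipher strings are interpreted by whatever libssl is loaded at run time, so a policy that looked right at compile time should be verified against the library actually in use.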

