HC development community As I understand it NIST FIPS 180-2 does not support the use of the MD5 algorithm for digest functions. In researching government security STIGS this appears to be a security violation (i.e. vulnerability). However, I see that it is still in use with the HC 3.1. So I am surprised and suspecting that I am missing something. I don't see this issue addressed on the Apache HC Web site or the code fixed.
Any insight would greatly appreciated. Thank you, Steve
