[ https://issues.apache.org/jira/browse/PROTON-2502?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17531266#comment-17531266 ]
Justin Ross commented on PROTON-2502: ------------------------------------- Proposed resolution to one aspect of this: Take the SASL encryption code path out of Proton. Users should use TLS for encryption. > Stop using deprecated (and insecure) SASL mechanisms based on MD5 > ----------------------------------------------------------------- > > Key: PROTON-2502 > URL: https://issues.apache.org/jira/browse/PROTON-2502 > Project: Qpid Proton > Issue Type: Improvement > Components: build > Reporter: Andrew Stitcher > Assignee: Andrew Stitcher > Priority: Minor > > MD5 has been considered broken and hence insecure for about a decade now. We > should stop requiring it to test proton so that we can build on machines > configured without insecure SASL mechanisms. -- This message was sent by Atlassian Jira (v8.20.7#820007) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org