>From Jordan Christensen on Twitter: >http://twitter.com/thebigjc/status/7366243197
"@simonw why sha-1 instead of sha-256? NIST has recommended not using SHA-1 in new systems: http://bit.ly/6bIf5h"; I chose sha-1 over sha-256 for reasons of signature length. A base64 encoded signature generated with hmac/sha1 is 27 characters long. The same thing using hmac/sha256 is 43 characters long. If you're planning on using signatures in cookies and URLs that's quite a big difference (43 characters is more than half of the maximum 80 characters needed to safely transmit URLs in plain text e-mails, e.g. for account recovery links). My understanding is that the collision weaknesses discovered in SHA-1 are countered by the use of HMAC. Here's Bruce Schneier on the matter: http://www.schneier.com/blog/archives/2005/02/sha1_broken.html "It pretty much puts a bullet into SHA-1 as a hash function for digital signatures (although it doesn't affect applications such as HMAC where collisions aren't important)." Despite the confusing API name, we're doing HMAC here, not digital signatures - so I think we're OK. If I'm wrong I'm sure a crypto geek will set me straight pretty quickly. Cheers, Simon -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-develop...@googlegroups.com. To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
