Re: [Firebird-devel] Fwd: [FB-Tracker] Commented: (CORE-5788) Proposed Security Patch: Replacement of use of SHA-1 in the SRP Client Proof with SHA-256

Mark Rotteveel Thu, 21 Jun 2018 07:49:24 -0700

On 21-6-2018 16:20, Tony Whyman wrote:

Be careful: if you set the ClientAuth to Srp,Srp256 and the ServerAuthis Srp256,Srp, then you will always use SHA-1 to generate the clientproof and you get no benefit from the patch.
Ideally the client is Srp256 only, with Srp256,Srp to allow forcompatibility with older Firebird 3 servers only.

I understand that, but I was thinking about when introducing this now ina Jaybird 3 point-release.


Mark
--
Mark Rotteveel

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
Firebird-Devel mailing list, web interface at 
https://lists.sourceforge.net/lists/listinfo/firebird-devel

Re: [Firebird-devel] Fwd: [FB-Tracker] Commented: (CORE-5788) Proposed Security Patch: Replacement of use of SHA-1 in the SRP Client Proof with SHA-256

Reply via email to