URL: https://github.com/freeipa/freeipa/pull/500 Title: #500: Replace sha1 fingerprints with sha256
tiran commented: """ Let's step on the breaks first and do a proper threat analysis. Is it really necessary to drop SHA-1 like a hot potato and go for SHA-256 right now? It still takes a lot of effort to create a SHA-1 collision. It hasn't been shown for certificates yet. * SHA-1 in OTP is fine. OTP uses HMAC and truncated hashes. The attack doesn't apply to HMAC-SHA1. There are also severe compatibility issues. Some commonly used OTP generators do not support SHA1. Before we change OTP, we must make sure that our own OTP generator, Google's OTP generator, and Yubico's OTP generator in all Yubikey's work. (I'm using Yubico Authenticator over NFC). * Is SHA-256 the correct answer? What about SHA-224 or SHA-384 or a totally different approach like SHA3-256? MD5, SHA-1 and SHA-2 have a similar design (Merkle-Damgard construct but different compression function). * Should we replace SHA-1 with SHA-2 in a hard cut or can we safely offer both hashes for a while to go through a proper deprecation cycle? Do users or customers depend on SHA-1 hash values? """ See the full comment at https://github.com/freeipa/freeipa/pull/500#issuecomment-282228908
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
