> On 27.02.2017, at 16:10, Theo de Raadt <dera...@openbsd.org> wrote: > >>> >>> A patch to get away from SHA1 in dhcpd >>> >> >> HMAC-SHA1 is not affected by the published collision, but I'm not >> against switching the sync protocol to SHA2. Performance also doesn't >> matter that much here as the typical sync rate is fairly small. >> >> Once done, it should also be done for spamd-sync where the protocol came from. > > Well, I don't see the point of making the change. HMAC's are still safe.
True, I don't mind either way. So let's keep "version 1" as it is. Reyk