could we maybe have a generic [hmac_]sha_foo in Mojo::ByteStream and Mojo::Util that always points to the currently Best Known [Keyed] Hash,
rather than hardwiring SHA1 into everything -- and in particular having it be the only choice for signed cookies and session keys -- which makes me a bit nervous seeing as we're really all supposed to be using SHA256 by now. (and so that whenever it is in the next 5-10 years that something bad turns up in SHA2, we'll be ready to swap in SHA3) -- You received this message because you are subscribed to the Google Groups "Mojolicious" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/mojolicious. For more options, visit https://groups.google.com/d/optout.
