> > rather than hardwiring SHA1 into everything -- and in particular having it > be > the only choice for signed cookies and session keys -- which makes me a > bit nervous > seeing as we're really all supposed to be using SHA256 by now. >
Since when is HMAC-SHA1 a problem? Did i miss any new research? -- sebastian -- You received this message because you are subscribed to the Google Groups "Mojolicious" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/mojolicious. For more options, visit https://groups.google.com/d/optout.
