Hi,
what about changing the default digest algorithm in apps/x509.c, apps/req.c and apps/openssl.cnf from md5 to something a bit more secure like sha-1 ? MD5 shouldn't be used anymore, even by lazy users who don't explicitly set the digest algorithm.
Nils ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
