That's a rather old statement. The latest draft of SP 800-131 (http://csrc.nist.gov/publications/drafts/800-131/draft-sp800-131_spd-june2010.pdf) is a _lot_ more relaxed, and even the early draft referenced at the page below did not require any changes that would require TLS v1.2. Applications built on OpenSSL should no longer use SHA-1 (or 1024-bit or smaller RSA keys or 2-key 3DES) for digital signatures (or general encryption). Since OpenSSL supports the algorithms suggested for replacement at the end of 2010, application vendors should be able to provide government agencies with newer software that avoids the algorithms that NIST (and OMB?) are saying should be avoided. It should be noted that the latest draft of SP 800-131 allows continued use of those algorithms until 2013 (or 2015 for encryption), so vendors are not required to provide updates before the end of this year.
There's some fuzziness* with regards to RNGs in OpenSSL, and if they are fully compatible with the current guidance from NIST or not, but again, you have until 2015 to replace RNGs.

I hope this helps to clarify priorities a little bit.

TOM

* The "fuzziness" is only in that I've seen a couple of queries about which, if any, of the RNGs in OpenSSL are compliant (compatible?) with NIST SP 800-90 or ANSI X9.62-2005, and haven't seen any responses. If someone can clarify that, I'd certainly appreciate it. If not, I'll end up doing the research myself sometime prior to 2015, as we're one of those application vendors I mention above. :)

> -----Original Message-----
> From: [email protected] [mailto:owner-openssl-
> [email protected]] On Behalf Of Sasha Matison via RT
> Sent: Monday, October 04, 2010 4:22 AM
> Cc: [email protected]
> Subject: [openssl.org #2355] Support for SHA2 ciphersuite in TLS
>
> Hello,
>
> What is the current plan to support TLSv1.2 in OpenSSL? NIST issued a
> statement requiring federal government to switch to SHA2 family of hash
> functions after 2010:
>
> Quote from http://csrc.nist.gov/groups/ST/toolkit/secure_hashing.html:
>
> "Federal agencies should stop using SHA-1 for digital signatures,
> digital time stamping and other applications that require collision
> resistance as soon as practical, and must use the SHA-2 family of hash
> functions for these applications after 2010."
>
> Regards,
>
> Sasha Matison
> ca
> Manager, Software Engineering
> Tel: +1-508-628-8379
> Mobile: +1-508-395-6958
> [email protected]
> <mailto:[email protected]> <http://www.ca.com/>
