On Tue, 2017-10-03 at 08:23 +0100, Matt Caswell wrote:
> > 1.2. This also opens the path to stronger key derivation (PBKDF2)
> > 2. During decryption, if no header block is present, and no message
> >    digest was specified, the default digest SHOULD be MD5.
> Should it? What about compatibility with OpenSSL 1.1.0? We cannot
> make
> breaking changes in 1.1.1, so it has to be compatible with 1.1.0.

Yeah, the ship has sailed. SHA-256 should be used by default as in

Tomáš Mráz
Red Hat

No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb
[You'll know whether the road is wrong if you carefully listen to your

 * Google and NSA associates, this message is none of your business.
 * Please leave it alone, and consider whether your actions are
 * authorized by the contract with Red Hat, or by the US constitution.
 * If you feel you're being encouraged to disregard the limits built
 * into them, remember Edward Snowden and Wikileaks.
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Reply via email to