That is what I m showing the diagram? Or is my diagram wrong? The only difference is I am using MD5.
MD5 should be avoided except where it has to be used for legacy apps.
Rich will help me with this, but I thought I'd explain why:
collision-resistance is especially important for
digital signatures, and MD5 is weaker than SHA1,
and more so than is explained by the difference
in digest length (128 vs. 160 bits)If using HMAC_, I still recommend HMAC_MD5 because no real weakness has been demonstrated, and collisions in MD5 do not compromise HMAC-MD5.
This is probably more than the OP needed to read...
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
