Christian Heimes <li...@cheimes.de> added the comment:
I wouldn't call SHA1 a secure hash function any more. SHA1DC is both an incompatible implementation and a bandaid for legacy applications that can't easily update to a proper hashing algorithm. Also it's rather pointless to update our SHA1 implementation since OpenSSL still uses the standardized SHA1 implementation. CPython prefers OpenSSL's implementation because it's much, much faster than libtomcrypt's implementation. I need to study SHA1DC first and get some advice before I can make an educated statement. But I'm leaning towards -1 to even support SHA1DC in the standard library, because I don't want to promote SHA1 any more. Applications should move to SHA2, SHA3 and blake2. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue34930> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
