)
Changed paths:
M votes/vote-20221012-stop-306-111r.txt
Log Message:
---
Add Kurt's vote
)
Changed paths:
M votes/vote-20221012-ripemd160-in-3.0-default-provider.txt
Log Message:
---
Add Kurt's vote re RIMPEMD160 in OpenSSL 3.0
)
Changed paths:
M votes/vote-20221012-handling-sha1-and-ripemd160.txt
Log Message:
---
Add Kurt's vote re selection and handling for SHA1 and RIMPEMD160
On Wed, 2022-10-12 at 11:00 -0400, Viktor Dukhovni wrote:
> On Wed, Oct 12, 2022 at 03:35:19PM +0200, Richard Levitte wrote:
>
> > Topic: Provider selection and handling for SHA1 and RIPEMD160
> > should be identical
> > given the current understanding of algorithm specific
> > security
On Wed, Oct 12, 2022 at 03:35:19PM +0200, Richard Levitte wrote:
> Topic: Provider selection and handling for SHA1 and RIPEMD160 should be
> identical
>given the current understanding of algorithm specific security issues.
Shouldn't real-world usage be taken into account. SHA1 is
We have received a report of a significant regression in the latest
3.0.6 and 1.1.1r versions. The regression is not thought to have
security consequences. While the regression is further investigated we
have taken the decision to withdraw the 3.0.6 and 1.1.1r versions and
instead recommend that
Topic: Accept PR#19375 to add RIPEMD160 to the default provider for 3.0 subject
to the normal review process
Proposed by: Tim
Public: yes
Opened: 2022-10-12
Closed: 2022-10-12
Accepted: yes/no (for: 3, against: 0, abstained: 2, not voted: 1)
Matt [+1]
Mark [+1]
Pauli
Topic: Provider selection and handling for SHA1 and RIPEMD160 should be
identical
given the current understanding of algorithm specific security issues.
Proposed by: Tim
Public: yes
Issue link: https://github.com/openssl/general-policies/issues/35
Opened: 2022-10-12
Closed: 2022-10-12
)
Changed paths:
A votes/vote-20221012-ripemd160-in-3.0-default-provider.txt
Log Message:
---
Add vote re RIMPEMD160 in OpenSSL 3.0
)
Changed paths:
A votes/vote-20221012-handling-sha1-and-ripemd160.txt
Log Message:
---
Add vote re selection and handling for SHA1 and RIMPEMD160
)
Changed paths:
A votes/vote-20221012-ripemd160-in-3.0-default-provider.txt
Log Message:
---
Add vote re selection and handling for SHA1 and RIMPEMD160
)
Changed paths:
A votes/vote-20221012-ripemd160-in-3.0-default-provider.txt
Log Message:
---
Add vote re RIMPEMD160 in OpenSSL 3.0
Branch: refs/heads/vote-306-pull
Home: https://github.com/openssl/general-policies
)
Changed paths:
A votes/vote-20221012-stop-306-111r.txt
Log Message:
---
add vote to stop shipping 306
Topic: Stop distributing 1.1.1r and 3.0.6 while the problems are
investigated.
comment: An announcement should also be made.
Proposed by: Pauli
Issue link: https://github.com/openssl/general-policies/pull/32
Public: yes
Opened: 2022-10-12
Closed: 2022-10-12
Accepted: yes (for: 3, against: 0,
)
Changed paths:
A votes/vote-20221012-stop-306-111r.txt
Log Message:
---
add vote to stop shipping 306
)
Changed paths:
A votes/vote-20221012-stop-306-111r.txt
Log Message:
---
add vote to stop shipping 306
Branch: refs/heads/master
Home: https://github.com/openssl/general-policies
Commit: 2b23a45c28c1357b2859325f08d98ffca004488f
https://github.com/openssl/general-policies/commit/2b23a45c28c1357b2859325f08d98ffca004488f
Author: Richard Levitte
Date: 2022-10-12 (Wed, 12 Oct 2022)
18 matches
Mail list logo