Gregor Riepl via cfarm-users <cfarm-users@lists.tetaneutral.net> writes:
>It's because it relies on SHA-1, and SHA-1 is known to be broken. It's breakable with a considerable amount of effort for static data. Attacking it in SSH auth would require the ability to break it in real-time or close to it, which no-one has come close to doing. Also, it's a collision attack (you generate two documents with the same hash value) which doesn't apply in this case since you're signing a fixed transcript hash. Peter. _______________________________________________ cfarm-users mailing list cfarm-users@lists.tetaneutral.net https://lists.tetaneutral.net/listinfo/cfarm-users
