#37078: Change default algorithm of salted_hmac() from SHA-1 to SHA-256
--------------------------------------+------------------------------------
Reporter: Denny Biasiolli | Owner: (none)
Type: Cleanup/optimization | Status: new
Component: Utilities | Version: dev
Severity: Normal | Resolution:
Keywords: security, crypto | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
--------------------------------------+------------------------------------
Changes (by Jacob Walls):
* stage: Unreviewed => Accepted
* summary:
salted_hmac() defaults to SHA-1 algorithm despite SHA-256 being
preferred everywhere else
=> Change default algorithm of salted_hmac() from SHA-1 to SHA-256
* version: => dev
Comment:
Makes good sense -- I agree we should go through a deprecation here.
[https://www.nist.gov/news-events/news/2022/12/nist-retires-sha-1-cryptographic-algorithm NIST advising all uses of SHA-1 to be replaced by 2030.]
--
Ticket URL: <https://code.djangoproject.com/ticket/37078#comment:5>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.