Referencing: http://www.cse-cst.gc.ca/services/crypto-services/crypto-algorithms-e.html
It is now 2008 and, per above link, the CSE de-lists certain HASH and HMAC standards and algorithms, namely sha-1 is bumped to sha-224 (as a minimum) including its downstream incorporations/reliances. With regard to openBSD's the broad sheet of crypto software -- ssh in particular but not just ssh -- in so far as I can see from userland (aka a non-developer) the userland user-interface presently limits in places to sha-1. Not saying that oBSD is/isn't/should/shall be CSE compliant but rather working from the premise that the CSE document is of merit and any such de-listings are noteworthy, will the 2008 openBSD releases 4.3 and 4.4 include -- i.e. pace -- and make usable at the userland user-interface levels (e.g. sshd_config > MACs, et al) the modern standards and algorithms. Of future note and reference, 2010 is a BIG transitional (de-listing) year. Thanks for all the awesome "stuff" and efforts.
