On Tue, May 14, 2019 at 3:24 PM Hubert Kario <hka...@redhat.com> wrote:
> On Tuesday, 14 May 2019 08:34:38 CEST Loganaden Velvindron wrote:
> > Latest draft is here:
> > https://www.ietf.org/id/draft-lvelvindron-tls-md5-sha1-deprecate-04.txt
>
> why did you drop SHA-1 from Section 4 and 5?

It was done following this comment from David Cooper.

"[..] While they may be subject to collision attacks, SHA-1 is still considered secure in cases in which collision resistance is not required, and I do not believe that collision resistance is required when SHA-1 is used to create the "signatures" in the ServerKeyExchange and CertificateVerify messages."

> the note about SHA-1 in HMAC applies to ciphersuites, to state explicitly that
> ciphersuites like TLS_DHE_RSA_WITH_AES_128_CBC_SHA are _not_ deprecated by it
>
> SKE and CV don't use HMAC
> --
> Regards,
> Hubert Kario
> Senior Quality Engineer, QE BaseOS Security team
> Web: www.cz.redhat.com
> Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
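The thread separates two uses of SHA-1 in TLS 1.2: as the hash in a signature (ServerKeyExchange, CertificateVerify) and as the HMAC hash of a ciphersuite such as TLS_DHE_RSA_WITH_AES_128_CBC_SHA. The following is an added example, not part of the thread or the draft, that audits a client's offer along that line; the function names and sample bytes are constructed, and the code points are the RFC 5246 values.

```python
import struct

# RFC 5246 HashAlgorithm / SignatureAlgorithm code points.
HASHES = {0: "none", 1: "md5", 2: "sha1", 3: "sha224",
          4: "sha256", 5: "sha384", 6: "sha512"}
SIGS = {0: "anonymous", 1: "rsa", 2: "dsa", 3: "ecdsa"}
LEGACY_SIG_HASHES = {"md5", "sha1"}

# Suites whose "_SHA" suffix names the HMAC hash, not a signature hash.
HMAC_SHA1_SUITES = {0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
                    0x0033: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"}


def parse_signature_algorithms(ext_data: bytes):
    """Parse the body of a TLS 1.2 signature_algorithms extension."""
    if len(ext_data) < 2:
        raise ValueError("truncated signature_algorithms extension")
    (length,) = struct.unpack("!H", ext_data[:2])
    body = ext_data[2:]
    # The list is a non-empty sequence of 2-byte (hash, signature) pairs.
    if length != len(body) or length == 0 or length % 2:
        raise ValueError("bad supported_signature_algorithms length")
    return [(HASHES.get(h, f"hash_{h}"), SIGS.get(s, f"sig_{s}"))
            for h, s in zip(body[0::2], body[1::2])]


def audit(ext_data: bytes, cipher_suites):
    """Return (pairs signing with MD5/SHA-1, suites using SHA-1 only in HMAC)."""
    legacy = [p for p in parse_signature_algorithms(ext_data)
              if p[0] in LEGACY_SIG_HASHES]
    hmac_only = [HMAC_SHA1_SUITES[c] for c in cipher_suites
                 if c in HMAC_SHA1_SUITES]
    return legacy, hmac_only


# Constructed sample offer: sha256+rsa, sha1+rsa, sha1+ecdsa, md5+rsa.
SAMPLE_EXT = bytes.fromhex("0008" "0401" "0201" "0203" "0101")
SAMPLE_SUITES = [0xC02F, 0x0033]

if __name__ == "__main__":
    legacy, hmac_only = audit(SAMPLE_EXT, SAMPLE_SUITES)
    print("MD5/SHA-1 signature pairs offered:", legacy)
    print("suites using SHA-1 only as HMAC:", hmac_only)
```
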