[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#37420: [PATCH] Recommend against SHA-1 for security-related applicat
From: |
Stefan Kangas |
Subject: |
bug#37420: [PATCH] Recommend against SHA-1 for security-related applications |
Date: |
Mon, 16 Sep 2019 22:29:43 +0200 |
Lars Ingebrigtsen <larsi@gnus.org> writes:
> > We should clarify that these attacks are not only theoretical, and
> > actively discourage using it in security-related applications in the
> > Elisp Manual. The attached patch is an attempt at doing that.
>
> Looks good to me.
Thanks. I thought a bit more about this, and would like to suggest
the attached slightly more ambitious patch which also recommends
against them in the doc strings of sha1, md5 and secure-hash.
(I also changed so the doc strings consistently say SHA-1 instead of
SHA1, which seems to be more correct AFAICT.)
Best regards,
Stefan Kangas
0001-Recommend-against-SHA-1-and-MD5-for-security.patch
Description: Text Data