Dailydave mailing list archives
Re: SHA-2
From: Rodney Thayer <rodney () canola-jones com>
Date: Tue, 17 Aug 2004 08:33:17 -0700
At 09:42 AM 8/17/2004 -0400, Mordy Ovits wrote:
On Tuesday 17 August 2004 12:43 am, Rodney Thayer wrote:For example, I think it might be tough to crank a new ciphersuite through the IETF to fix TLS if in fact all the SHA's and all the MD-5's are broken. This in turn means that Microsoft (i.e. schannel.dll) or OpenSSL will have to invent something on their own.One important change from SSL 3.0 to TLS (a.k.a. SSL 3.1) was the removal of particular ciphers written into the spec. While new code would have to be rolled out to support updated primitives, TLS would not have to change.
BUT, you'd have to get a new ciphersuite approved by that goofy mechanism they put in place since they didn't use the standard IANA registration mechanism. That's the problem. _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://www.immunitysec.com/mailman/listinfo/dailydave