cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (CXF-5013) Need support for SHA256 Signature Algorithms
Date Tue, 14 May 2013 09:19:17 GMT

     [ https://issues.apache.org/jira/browse/CXF-5013?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Colm O hEigeartaigh updated CXF-5013:
-------------------------------------

    Fix Version/s:     (was: 2.6.7)
                   2.6.9
                   2.7.6
    
> Need support for SHA256 Signature Algorithms
> --------------------------------------------
>
>                 Key: CXF-5013
>                 URL: https://issues.apache.org/jira/browse/CXF-5013
>             Project: CXF
>          Issue Type: Bug
>          Components: WS-* Components
>    Affects Versions: 2.6.2
>         Environment: All supported platforms
>            Reporter: Syed Abdul Wadood
>             Fix For: 2.7.6, 2.6.9
>
>         Attachments: sha256_sigalg.patch, Sha2SignatureAlgorithmTest.java
>
>   Original Estimate: 96h
>  Remaining Estimate: 96h
>
> Due to the weakness of SHA1 algorithm, US National Institute of Standards and Technology
(NIST) has recommended that SHA256 or higher algorithms be used. Using SHA256 is also required
by  Federal Information Processing Standard (FIPS).
> Currently, there is no way to specify SHA256 Signature algorithms when signing a message
part using Web services security.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message