hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lovette, Steve" <steve.love...@lmco.com>
Subject use of MD5 and security violations
Date Fri, 24 Oct 2008 01:10:49 GMT
HC development community

 As I understand it NIST FIPS 180-2 does not support the use of the MD5
algorithm for digest functions. In researching government security STIGS
this appears to be a security violation (i.e. vulnerability). However, I
see that it is still in use with the HC 3.1. So I am surprised and
suspecting that I am missing something. I don't see this issue addressed
on the Apache HC Web site or the code fixed. 

 

Any insight would greatly appreciated.

 

Thank you, Steve

 


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message