|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [suse-security] SHA-1 broken - impact on SuSE linux versions
From: Marcus Meissner (meissner
suse.de)
Date: Wed Feb 16 2005 - 05:55:15 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Wed, Feb 16, 2005 at 09:31:42AM +0100, Polarizer wrote:
> Hi list, i would like to discuss this with you:
>
> This [1] arcticle shows that SHA-1 is broken and details will be
> "fully disclosured" [2] soon.
>
> What impact does is have for our SuSE linux installations. Where is
> it used by default in standard packages and where by default in
> packages to install additionally via Yast.
>
> I found it exempli gratia in SSH for integrity checks (seems not
> critical) or in gpg for fingerprints.
>
> The polarizer
>
> polarizers at its best
> http://www.glass-polarizers.com
>
> [1]http://www.schneier.com/blog/archives/2005/02/sha1_broken.html
> [2]http://archives.neohapsis.com/archives/fulldisclosure/2005-02/0303.html
We are not that mathematically inclined to evaluate that without looking
at the paper...
We are eagerly awaiting Bruces and other crypto experts evaluations.
Ciao, Marcus
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFCEzSj6nvzlwF1Yj4RArINAJ9tJZEhLB6V7a60pgazYnJUzSf6jQCffPyV
/QjZVz6saNwdxXuwDFFLbM4=
=aaxA
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]