[Rpm-maint] [rpm-software-management/rpm] Disable SHA1, MD5, RIPEMD160, and <2048 bit RSA/DSA (#1467)
Neal Gompa (ニール・ゴンパ)
notifications at github.com
Sat Dec 26 08:39:17 UTC 2020
We probably would want this as a knob, because users can't help it if an RPM uses those hash functions and they need to install it. Admittedly, I think we've been using SHA256 digests since RPM 4.11 (RHEL7), but Enterprise Linux distributions live a _long_ time. Defaulting to those being turned off (and hard-disable in FIPS mode) probably makes sense, though.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/1467#issuecomment-751335383
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20201226/e399e75c/attachment.html>
More information about the Rpm-maint
mailing list