Free Republic
Browse · Search 		News/Activism
Topics · Post Article

To: Spktyr

Oh, so SHA-1 was cracked by whom last year to have made browsers give warnings?

No one. You exaggerate out the butt.


51 posted on 03/03/2017 11:57:19 AM PST by ConservativeMind ("Humane" = "Don't pen up pets or eat meat, but allow infanticides, abortion, and euthanasia.")
[ Post Reply | Private Reply | To 41 | View Replies ]

To: ConservativeMind; Spktyr

I’m a computer developer and professional with many years in the Federal security space.

While SHA-1 is not forbidden, Federally, they are moving to make it non-FIPS-compliant at some point, and internal guidance is to take the 15 minutes and convert your app to SHA-3 or SHA-256.

It’s not QUITE an overstatement to say SHA-1 is insecure. If it is not insecure now, it will be shortly.

Think of conversion to a more robust security schema as a proactive move.


52 posted on 03/03/2017 12:01:52 PM PST by Lazamataz (The "news" networks and papers are bitter, dangerous enemies of the American people.)
[ Post Reply | Private Reply | To 51 | View Replies ]
To: ConservativeMind

Actually, the warnings started in 2014-2015 as the vulnerability of SHA-1 was anticipated, but not proven. See the cited articles. Google just proved it last month.


53 posted on 03/03/2017 12:39:51 PM PST by Spktyr (Overwhelmingly superior firepower and the willingness to use it is the only proven peace solution.)
[ Post Reply | Private Reply | To 51 | View Replies ]

Free Republic
Browse · Search 		News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson