Dailydave mailing list archives
Re: SHA-2
From: Mordy Ovits <movits () bloomberg com>
Date: Tue, 17 Aug 2004 09:42:11 -0400
On Tuesday 17 August 2004 12:43 am, Rodney Thayer wrote:
For example, I think it might be tough to crank a new ciphersuite through the IETF to fix TLS if in fact all the SHA's and all the MD-5's are broken. This in turn means that Microsoft (i.e. schannel.dll) or OpenSSL will have to invent something on their own.
One important change from SSL 3.0 to TLS (a.k.a. SSL 3.1) was the removal of particular ciphers written into the spec. While new code would have to be rolled out to support updated primitives, TLS would not have to change. Mordy -- Mordy Ovits Network Security Bloomberg L.P. _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://www.immunitysec.com/mailman/listinfo/dailydave