Firewall Wizards mailing list archives
SHA-1 or MD5
From: Walker Andrew <andrew.walker () capco com>
Date: Mon, 3 Sep 2001 13:47:31 +0200
Hello, The VPN I have inherited uses a mixture of message digests for the encryption. On 1 firewall the client encryption is set up with DES and SHA-1, and at another location the FW client encryption is set up with DES and MD5. My understanding is the MD5 is quicker than SHA-1, but less strong. My question to the list subscribers, on NT based FW1, can the message digests be changed to either SHA-1 or MD5 without breaking the VPN. I just wondered if it was a one time choice at setup time - non reversable. Has anyone any comments on the best choice, MD5 or SHA-1 ? Does it matter that there is a mix at all ? Thanks in advance for any thoughts, experience or advice. Best regards, Andrew ************************************************************************ The information in this email is confidential and is intended solely for the addressee(s). Access to this email by anyone else is unauthorised. If you are not an intended recipient, you must not read, use or disseminate the information contained in the email. Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Capco. http://www.capco.com *********************************************************************** _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- SHA-1 or MD5 Walker Andrew (Sep 03)
- <Possible follow-ups>
- RE: SHA-1 or MD5 Ben Nagy (Sep 07)