[Bug 3466] Prefer using AEAD algorithms

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Sat Sep 24 11:48:52 AEST 2022


Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
             Status|NEW                         |RESOLVED
         Resolution|---                         |WONTFIX

--- Comment #5 from Damien Miller <djm at mindrot.org> ---
The collision weaknesses in SHA-1 are irrelevant for its use in HMAC
and HMAC-SHA1 is not at all broken.

I don't see any benefits to promoting AES-GCM to the front on the list.
If new cryptanalysis that changes this, then we'll consider changing
the ordering.

You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list