Change default to SHA256 for signature algorithm / Depricate SHA1

Brought to you by: chris2511

#89 Change default to SHA256 for signature algorithm / Depricate SHA1

Milestone: Next_Release_(example)

Status: closed

Owner: nobody

Labels: None

Priority: 5

Updated: 2018-01-04

Created: 2016-01-27

Creator: Maurice Smulders

Private: No

Recommend to change default signature algorithm from SHA1 to SHA256 (possibly even remove SHA1)

https://blog.qualys.com/ssllabs/2014/09/09/sha1-deprecation-what-you-need-to-know

Discussion

Christian Hohnstaedt - 2018-01-04

status: open --> closed
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Christian Hohnstaedt - 2018-01-04

In xca 1.4.0 not only the default hash changed to SHA256,
but also opening exisiting databases with SHA-1 default hash will
issue a warning and propose changing the hash to something
more secure.

commit 13580262f696aee8bedc3d7b3a7ec4be925a4ddb
Author: Christian Hohnstaedt christian@hohnstaedt.de
Date: Tue Oct 24 11:56:11 2017 +0200

Change default hash to SHA-256

commit cfc65af48a0404bd0e5f2729525ae720e92d59a9
Author: Christian Hohnstaedt christian@hohnstaedt.de
Date: Mon Nov 13 17:51:48 2017 +0100

Add warning if the default hash algorithm is SHA1 or less
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.