| Issue 124: | Provide mechanism to only allow HMAC_SHA256 associations | |
| Back to list |
Sign in to add a comment
|
HMAC_SHA1 is broken because the SHA-1 hash has been broken (deliberate collisions can now be generated). For high security RP sites, a switch to allow only SHA256 associations should be available. |
||||||||||||
,
Aug 13, 2008
Fixed in master.
Status: Fixed
|
|||||||||||||
,
Aug 19, 2008
(No comment was entered for this change.)
Labels: -release-3.0 Release-2.4
|
|||||||||||||
 Sign in to add a comment
|
|||||||||||||
