Package: openssl Version: 0.9.8o-2 Severity: normal
Hi, PCI is slowly phasing out sha1. http://www.css-security.com/blog/times-up-for-sha-1-css-suggested-migration-path/ http://www.fips201.com/resources/audio/iab_0810/iab_082510_sha-2_migration.pdf http://www.digicert.com/sha-2-ssl-certificates.htm I was wondering why the windows port of openssl has the option for 256 and not linux :-) it would be nice to add -sha256 and -sha512 to the req and x509 man page, the functionnality is there since lenny at least. thanks ! -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (900, 'testing'), (600, 'unstable'), (550, 'stable'), (449, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.35.4.2.6.35.4-3-ws.2010.09.14 (SMP w/4 CPU cores; PREEMPT) Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages openssl depends on: ii libc6 2.11.2-2 Embedded GNU C Library: Shared lib ii libssl0.9.8 0.9.8o-2 SSL shared libraries ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime openssl recommends no packages. Versions of packages openssl suggests: ii ca-certificates 20090814+nmu2 Common CA certificates -- Configuration Files: /etc/ssl/openssl.cnf changed [not included] -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org