[jira] [Commented] (KNOX-910) SHA-1 algorithms are now known to be vulnerable to compromise and/or collisions should use SHA-256 - Shiro HashedCredentialsMatcher.

Sandeep More (JIRA) Mon, 27 Mar 2017 11:10:14 -0700

    [ 
https://issues.apache.org/jira/browse/KNOX-910?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15943753#comment-15943753
 ]


Sandeep More commented on KNOX-910:
-----------------------------------

Thanks for the Patch [~jeffreyr97] !

> SHA-1 algorithms are now known to be vulnerable to  compromise and/or 
> collisions should use SHA-256 - Shiro  HashedCredentialsMatcher.
> --------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: KNOX-910
>                 URL: https://issues.apache.org/jira/browse/KNOX-910
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: Server
>         Environment: all
>            Reporter: Jeffrey E  Rodriguez
>            Assignee: Jeffrey E  Rodriguez
>             Fix For: 0.13.0
>
>         Attachments: KNOX-hashal.001.patch
>
>
> From Shiro HashedCredentialsMatcher , SHA-1 algorithms are now known to be 
> vulnerable to compromise and/or collisions should use SHA-256.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KNOX-910) SHA-1 algorithms are now known to be vulnerable to compromise and/or collisions should use SHA-256 - Shiro HashedCredentialsMatcher.

Reply via email to