https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7614
--- Comment #4 from Sidney Markowitz <[email protected]> --- (In reply to Bill Cole from comment #3) I agree with everything you said. I'm least strongly agreed on continuing support for SHA1. On the one hand it is considered flawed and including it opens the remote possibility of a vulnerability based on tricking sa-update into accepting it even when there is no SHA256 or SHA512 hash. On the other hand, your proposal explicitly blocks that, and it does protect against another remote possibility of a future second-preimage attack against SHA256 and SHA512. I would choose to drop SHA-1 in sa-update 3.4.2 completely. If a second-preimage attack against SHA256 and SHA512 is found, it will happen in stages like it did with SHA-1. The security world would be turned upside down if it happened suddenly. There will be plenty of time to phase in a new hash. But I would not vote against sa-update verifying the SHA-1 hash that we will continue to provide, as long as sa-update requires SHA256 or SHA512 to be available too, i.e., I'll go along with your proposal if nobody else objects. -- You are receiving this mail because: You are the assignee for the bug.
