-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In message <[email protected]>, Heiko Schlittermann <[email protected]> writes
>Andreas Metzler <[email protected]> (Mo 15 Jun 2009 19:32:54 CEST): > >> gnutls night not be able to read the file-format, or perhaps >> the signature algoritm is RSA-MD2, or whatever. > >Indeed - my own certs are signed RSA-MD5, That's really unwise ... because of the weaknesses in MD5 people have generated "pairs" of certificates and used them for various attacks. As a result, many software suites are rapidly being reconfigured to reject MD5 outright... >the Thawte certs use SHA1. SHA1 has its own problems, but the difficulty is that not all software yet supports SHA256. You would be well advised to move to SHA1 sooner rather than later, and prepare to change hash function again in 2010 - -- richard Richard Clayton Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755 -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBSjdxhpoAxkTY1oPiEQIRjgCg2jkhzkPPL7hWhFX7VQblTfLc6okAoNNh KXUCEBbOJDvuT78f3QsZTtuO =++Jd -----END PGP SIGNATURE----- -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
