> > On 27.02.2017, at 16:10, Theo de Raadt <dera...@openbsd.org> wrote: > > > >>> > >>> A patch to get away from SHA1 in dhcpd > >>> > >> > >> HMAC-SHA1 is not affected by the published collision, but I'm not > >> against switching the sync protocol to SHA2. Performance also doesn't > >> matter that much here as the typical sync rate is fairly small. > >> > >> Once done, it should also be done for spamd-sync where the protocol came > from. > > > > Well, I don't see the point of making the change. HMAC's are still safe. > > True, I don't mind either way. > > So let's keep "version 1" as it is.
Denis, you should keep your change lying around and keep an eye on these files. When an extension for these protocols is proposed or commited, thereby creating an incompatibility, then bring the diffs forward.
