Michael Wojcik <Michael.Wojcik@...> writes: > > As described on that web page, use OpenSSL 1.0.1f or later. That prevents the currently-practical SLOTH > attack against RSA-MD5 client authentication. > > If you're using an OpenSSL release earlier than 1.0.1f, SLOTH is probably not your biggest problem. > > The authors recommend discontinuing use of MD5 and SHA-1 in general. So does nearly everyone else. Really > the risk of continuing to support MD5 and SHA-1 can only meaningfully be evaluated in the context of your > own threat model; but either you already know that, or you don't know what your threat model is, in which > case the safe move is to drop support for MD5 and SHA-1 as soon as you can. >
Are the 1.0.0 and 1.0.2 branches also affected? The article states that the issue is present in openssl versions prior to 1.0.1f. If the issue is also present in the 1.0.0 and 1.0.2 branches, will fixes be provided on those branches to address the issue? Thanks very much for your feedback. Best regards, Miriam _______________________________________________ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
