David Benjamin <david...@chromium.org> writes: >It meant bugs like OpenSSL's get papered over with SHA-1
That affects a whole lot more than just OpenSSL, a bit like ECDSA means P256 so hash means SHA-1. Try switching to SHA-2 (in non-TLS usage) and you'll find all the implementations that simply default to SHA-1, or, worse, skip any algorithm indication that may be present and just assume the other side will do SHA-1. Which so far has worked well enough that no-one's noticed that other options don't. Peter. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls