Hi, Horn. Jörn Franke wrote: >Makes sense
I don't think that it's easy. >>> Maybe use SHA-256 or later. SHA-1 is obsolete and one never knows when it >>> will be removed from JDK. I also know SHA-1 is dangerous. Someone can generate the string which is hashed into the same SHA-1 to pretend another one. Then SHA-1 should not be used with certifications. The future JDK may stop using SHA-1 with certifications. But JDK will never stop supporting SHA-1 algorism. If SHA-1 is removed from JDK, ManifoldCF can not be built for reasons of another using of SHA-1. Some connectors already use SHA-1 as the ID value, then the previous saved records will be inaccessible. I can use SHA-256 with Elasticsearch connector. How should the other SHA-1 be managed? ---- Nintendo, Co., Ltd. Product Technology Dept. Takashi SHIRAI PHONE: +81-75-662-9600 mailto:shi...@nintendo.co.jp
