I'd say there is no reason in the context of this use. The world is moving
away from sha1 and isn't quite ready for sha3. So, the only thing left is
sha256 which works in all contexts. So, there seems nothing to configure
here.
On Mon, 17 Apr 2023, Guilherme Amadio wrote:
> @amadio commented on this pull request.
>
>
>
>> @@ -455,7 +455,7 @@ int XrdCryptosslX509CreateProxy(const char *fnc, const char *fnk,
> }
> //
> // Sign the request
> - if (!(X509_REQ_sign(preq, ekPX, EVP_sha1()))) {
> + if (!(X509_REQ_sign(preq, ekPX, EVP_sha256()))) {
>
> I wonder if this could/should be made configurable by the user.
>
> --
> Reply to this email directly or view it on GitHub:
> https://github.com/xrootd/xrootd/pull/1999#pullrequestreview-1387809406
> You are receiving this because you are subscribed to this thread.
>
> Message ID: ***@***.***>
—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.
Message ID: <xrootd/xrootd/pull/1999/c1511546178@github.com>
[
{
"@context": "http://schema.org",
"@type": "EmailMessage",
"potentialAction": {
"@type": "ViewAction",
"target": "https://github.com/xrootd/xrootd/pull/1999#issuecomment-1511546178",
"url": "https://github.com/xrootd/xrootd/pull/1999#issuecomment-1511546178",
"name": "View Pull Request"
},
"description": "View this Pull Request on GitHub",
"publisher": {
"@type": "Organization",
"name": "GitHub",
"url": "https://github.com"
}
}
]
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1