[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
CVS gsasl
From: |
gsasl-commit |
Subject: |
CVS gsasl |
Date: |
Sat, 01 Jan 2005 20:20:40 +0100 |
Update of /home/cvs/gsasl
In directory dopio:/tmp/cvs-serv22748
Modified Files:
NEWS
Log Message:
Add.
--- /home/cvs/gsasl/NEWS 2005/01/01 18:45:17 1.146
+++ /home/cvs/gsasl/NEWS 2005/01/01 19:20:39 1.147
@@ -8,6 +8,13 @@
* Version 0.2.4 (unreleased)
+** The CRAM-MD5 mechanism is now preferred over DIGEST-MD5.
+This decision was based on recent public research that suggest MD5 is
+broken, while HMAC-MD5 not immediately compromised, and the lack of
+public analysis on what consequences the MD5 break have for
+DIGEST-MD5. Support for CRAM-SHA1 is under investigation, to enable
+users to avoid MD5 completely
+
** Fixed a bug that prevented SMTP client from working.
** New configure option --disable-obsolete to remove backwards compatibility.
- CVS gsasl, gsasl-commit, 2005/01/01
- CVS gsasl, gsasl-commit, 2005/01/01
- CVS gsasl, gsasl-commit, 2005/01/01
- CVS gsasl,
gsasl-commit <=
- CVS gsasl, gsasl-commit, 2005/01/01
- CVS gsasl, gsasl-commit, 2005/01/01
- CVS gsasl, gsasl-commit, 2005/01/01
- CVS gsasl, gsasl-commit, 2005/01/01
- CVS gsasl, gsasl-commit, 2005/01/01
- CVS gsasl, gsasl-commit, 2005/01/01
- CVS gsasl, gsasl-commit, 2005/01/18
- CVS gsasl, gsasl-commit, 2005/01/29