Reducing the security bits for MD5 and SHA1 in TLS
Kurt Roeckx
kurt at roeckx.be
Wed Jun 17 19:57:31 UTC 2020
On Wed, May 27, 2020 at 12:14:13PM +0100, Matt Caswell wrote:
> PR 10787 proposed to reduce the number of security bits for MD5 and SHA1
> in TLS (master branch only, i.e. OpenSSL 3.0):
>
> https://github.com/openssl/openssl/pull/10787
>
> This would have the impact of meaning that TLS < 1.2 would not be
> available in the default security level of 1. You would have to set the
> security level to 0.
>
> In my mind this feels like the right thing to do. The security bit
> calculations should reflect reality, and if that means that TLS < 1.2 no
> longer meets the policy for security level 1, then that is just the
> security level doing its job. However this *is* a significant breaking
> change and worthy of discussion. Since OpenSSL 3.0 is a major release it
> seems that now is the right time to make such changes.
>
> IMO it seems appropriate to have an OMC vote on this topic (or should it
> be OTC?). Possible wording:
So should that be an OMC or OTC vote, or does it not need a vote?
Kurt