[openssl-users] openSSL and SLOTH attack
jonetsu
jonetsu at teksavvy.com
Fri Jan 8 14:09:51 UTC 2016
> Does FIPS mode prevent use of MD5: Yes.
> Does FIPS mode prevent insecure uses of SHA-1 (a FIPS
> algorithm): No.
> Does FIPS mode prevent the SSL/TLS handshake from using 96 bit
> truncated HMAC values: Probably not.
> Does FIPS mode prevent use of the insecurely designed
> 'tls-unique' feature: Probably not.
This is what I read so far, thanks for the confirmation. 1.01f though, will
be good, will it, FIPS mode or not ?
--
View this message in context: http://openssl.6102.n7.nabble.com/openSSL-and-SLOTH-attack-tp62055p62080.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
More information about the openssl-users
mailing list