OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

cti-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Replace all md5 examples w/ secure examples

There are many examples using md5, such as in Part 3, Section 2.5 example.  MD5 has long been known to be insecure and using it in examples will have some people think that it is acceptable practice to use these hashes in contexts where they should not be (such as in a whitelist instead of a blacklist, which some AV vendors have done, even today).

I would recommend replacing them w/ one of SHA-256, SHA-512/256 or SHA3-256.

Thanks.

John-Mark

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]