[jboss-jira] [JBoss JIRA] (ELY-54) Support for stronger hashes as alternatives to MD5
David Lloyd (JIRA)
issues at jboss.org
Tue Nov 11 09:36:53 EST 2014
[ https://issues.jboss.org/browse/ELY-54?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13018961#comment-13018961 ]
David Lloyd commented on ELY-54:
--------------------------------
Checklist:
* Rename md5digest package to just digest
* Dissociate from AbstractSasl* infrastructure which only supports single mechanisms and add additonal hashes
* Rename MD5Digest*
* Rename DigestMD5Password* to DigestPassword*
* Add multi algorithm support to digest password impl
* Additional hashes to support:
** SHA-1 (http://tools.ietf.org/html/rfc5843)
** SHA-256 (http://tools.ietf.org/html/rfc5843)
** SHA-512 (http://tools.ietf.org/html/rfc5843)
> Support for stronger hashes as alternatives to MD5
> --------------------------------------------------
>
> Key: ELY-54
> URL: https://issues.jboss.org/browse/ELY-54
> Project: WildFly Elytron
> Issue Type: Feature Request
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Fix For: 1.0.0.Beta1
>
>
> Presently Digest authentication is based on MD5 - however we should either update the mechanism or add new mechanisms to support the use of stronger hashes.
> As this library is used both client and server side installations that require the stronger hashes can just ensure the client and server have the latest version of this library - installations that still require interaction with MD5 will need to ensure that it is still available as a mechanism.
--
This message was sent by Atlassian JIRA
(v6.3.8#6338)
More information about the jboss-jira
mailing list