On Wed, 2014-06-04 at 16:15 +0200, Till Maas wrote:
> MACs: SHA1+
^^^^^
> Curves: All supported
> Signature algorithms: must use SHA-256 hash or better
> Ciphers: AES-GCM, AES-CBC, CAMELLIA-GCM, CAMELLIA-CBC
> Key exchange: ECDHE, RSA, DHE
> DH params size: 2048+
> RSA params size: 2048+
> SSL Protocols: TLS1.1+
Why is SHA1+ allowed as MAC here?
And why not? Could we please have a constructive conversation? Why do
you think it shouldn't be there? Do you have any results on
cryptanalysis of HMAC-SHA1 that do not make it suitable for this level?
regards,
Nikos