|
|
|
|
|
|
by wruza
899 days ago
|
|
|
That happens when you finish your roadmap and call it done. It’s frustrating that the modern sense of it became automatically negative. This is an actual claim if someone is interested: https://www.hmailserver.com/state On SHA-1: https://en.wikipedia.org/wiki/SHA-1 As of 2020, chosen-prefix attacks against SHA-1 are practical.[6][8] As such, it is recommended to remove SHA-1 from products as soon as possible and instead use SHA-2 or SHA-3. Replacing SHA-1 is urgent where it is used for digital signatures. Digging further: https://www.hmailserver.com/forum/viewtopic.php?t=40568 Tl;dr: it uses sha256 by default and only has sha1 for backwards compatibility, which is considered insecure today. Critical updates are still there. |
|
|