[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: SHA 1 vs. SHA 256 for Root CA

To: "ROGER YOUNGLOVE" <ryounglove1@xxxxxxx>
Subject: RE: SHA 1 vs. SHA 256 for Root CA
From: Stephen Kent <kent@xxxxxxx>
Date: Mon, 29 Jan 2007 13:44:55 -0500
Cc: ietf-pkix@xxxxxxx
In-reply-to: <BAY106-F147009159F7CA317BE703FCA70@xxxxxxx>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
References: <BAY106-F147009159F7CA317BE703FCA70@xxxxxxx>
Sender: owner-ietf-pkix@xxxxxxxxxxxx


At 12:36 PM -0500 1/29/07, ROGER YOUNGLOVE wrote:

Gentlemen,
Thank you for the rapid response. One thing I did not mention wasthat we are using a Micorsoft CA implentation from Windows Server2003 EE.We just found out that this CA product does not recognize SHA 256 orabove even though it is an option.
TTFN
Roger Younglove


OK. Guess that narrows the options a bit :-).

Also, upon further reflection, I agree that since this is aself-signed cert, which presumably has been delivered via anout-of-band path that is considered integrity secure, the concernsover use of SHA-1 may be overstated.


Steve

Follow-Ups:
- RE: SHA 1 vs. SHA 256 for Root CA
  - From: Russ Housley
- RE: SHA 1 vs. SHA 256 for Root CA
  - From: Kemp, David P.

References:
- RE: SHA 1 vs. SHA 256 for Root CA
  - From: ROGER YOUNGLOVE

Prev by Date: Re: SHA 1 vs. SHA 256 for Root CA
Next by Date: RE: SHA 1 vs. SHA 256 for Root CA
Previous by thread: RE: SHA 1 vs. SHA 256 for Root CA
Next by thread: RE: SHA 1 vs. SHA 256 for Root CA
Index(es):
- Date
- Thread