Should we settle on one SSL implementation?
Paul Wouters
paul at xelerance.com
Sat Oct 27 19:07:12 UTC 2007
On Sat, 27 Oct 2007, Steve Grubb wrote:
> During F9, there will be another parallel and somewhat related project to hunt
> down places where md-5 and sha-1 are being used and look at improving the
> situation so that sha-256, and in some cases other hash algorithms, could be
> used.
Also, as Michael Richardson <mcr at xelerance.com> reminded me:
SHA256 is slower, and there are no hardware accelerators for it.
(while, I think, VIA supports SHA1 acceleration?)
If you want to switch, a switch to accelerated AES-XCBC would be a
better choice, I think. Or, AES-GCM mode, which hashes and encrypts in
one step.
Paul
More information about the fedora-devel-list
mailing list