[openstack-dev] [Glance][Security] Secure Hash Algorithm Spec
aheczko at mirantis.com
Fri Sep 29 10:30:45 UTC 2017
Thanks Scott, makes sense.
On Fri, Sep 29, 2017 at 12:19 PM, Luke Hinds <lhinds at redhat.com> wrote:
> On Thu, Sep 28, 2017 at 8:38 PM, McClymont Jr, Scott <scott.mcclymont@
> verizonwireless.com> wrote:
>> Hey All,
>> I've got a spec up for a change I want to implement in Glance for Queens
>> to enhance the current checksum (md5) functionality with a stronger hash
>> algorithm. I'm going to do this in such a way that it is easily altered in
>> the future for new algorithms as they are released. I'd appreciate it if
>> someone on the security team could look it over and comment. Thanks.
>> Review: https://review.openstack.org/#/c/507568/
> +1 , thanks for undertaking this work. Strong support from the security
> projects side.
> Would be good to see all projects move on from MD5 use now, its been known
> to be insecure for sometime and clashes with FIPS-142 compliance.
>> Scott McClymont
>> Sr. Software Engineer
>> Verizon Cloud Platform
>> OpenStack Development Mailing List (not for usage questions)
>> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscrib
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
Security Engineer @ Mirantis Inc.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OpenStack-dev