[reportlab-users] UC fips compliant
Satchell Julian
JSSATCHELL at qinetiq.com
Tue Sep 21 11:46:37 EDT 2021
SHA-1 is no longer recommended, as collision attacks on it are well known. Minimum is something in the SHA2 family, depending on strength / length requirement.
Julian Satchell
From: reportlab-users <reportlab-users-bounces at lists2.reportlab.com> On Behalf Of Shea, Steven K
Sent: 21 September 2021 16:23
To: reportlab-users at lists2.reportlab.com
Subject: [reportlab-users] fips compliant
Report Lab is using mds to create hashes. Mds is not fips compatible. We had to change that code to use sha1. It's a simple change.
Steven Shea
Staff Software Engineer
This email and any attachments to it may be confidential and are
intended solely for the use of the individual to whom it is
addressed. If you are not the intended recipient of this email,
you must neither take any action based upon its contents, nor
copy or show it to anyone. Please contact the sender if you
believe you have received this email in error. QinetiQ retains
personal data relating to our customers and partners for the
purposes of conducting a business relationship, communicating
and marketing to them as well as to providing invitations to
upcoming events.
Please see our Privacy Notice ( https://www.qinetiq.com/Privacy-Policy )
for further information. In accordance with our Privacy Notice, you
have the right to withdraw your consent at any time. QinetiQ may
monitor email traffic data and also the content of email for
the purposes of security. QinetiQ Limited (Registered in England
& Wales: Company Number: 3796233) Registered office: Cody Technology
Park, Ively Road, Farnborough, Hampshire, GU14 0LX https://www.qinetiq.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist2.pair.net/pipermail/reportlab-users/attachments/20210921/88eea835/attachment.htm>
More information about the reportlab-users
mailing list