[reportlab-users] UC fips compliant
Tim Roberts
timr at probo.com
Tue Sep 21 12:13:17 EDT 2021
Satchell Julian via reportlab-users wrote:
>
>
> SHA-1 is no longer recommended, as collision attacks on it are well
> known. Minimum is something in the SHA2 family, depending on strength
> / length requirement.
>
Well, you have to balance the cost against the risk. With one
exception, MD5 is not used in a security context within ReportLab. It's
just a hash algorithm. There is no "attack vector", and there are no
secrets being protected. For those uses, even SHA1 is overkill, and
SHA2 is vast overkill.
The one exception is creating a key for PDF encryption, and here they
are restricted to the standard. They can't arbitrarily change the
algorithm.
--
Tim Roberts, timr at probo.com
Providenza & Boekelheide, Inc.
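
The key derivation mentioned in the message above, shown as an added example that is not part of the original post and is not ReportLab's code: the MD5-based key computation of the PDF standard security handler (revisions 2 to 4). Every conforming reader repeats the same steps, which is why the hash cannot be swapped. The function name and the sample values are hypothetical and constructed for illustration.

```python
import hashlib
import struct

# 32-byte password padding string defined by the PDF standard security handler.
PAD = bytes.fromhex("28bf4e5e4e758a4164004e56fffa0108"
                    "2e2e00b6d0683e802f0ca9fe6453697a")

def pdf_encryption_key(user_password, o_entry, permissions, file_id,
                       revision=3, key_bits=128, encrypt_metadata=True):
    """Derive the file encryption key for security handler revisions 2-4."""
    if revision not in (2, 3, 4):
        raise ValueError("only revisions 2-4 use this MD5-based derivation")
    if revision == 2:
        key_bits = 40                       # revision 2 always uses 40 bits
    if key_bits % 8 or not 40 <= key_bits <= 128:
        raise ValueError("key length must be 40..128 bits, multiple of 8")
    if len(o_entry) != 32:
        raise ValueError("O entry must be 32 bytes")
    n = key_bits // 8
    # hashlib.md5() may raise ValueError on a FIPS-enforcing build.
    md5 = hashlib.md5((user_password + PAD)[:32])   # pad or truncate to 32
    md5.update(o_entry)                             # owner password entry
    md5.update(struct.pack("<I", permissions & 0xFFFFFFFF))  # P, low byte first
    md5.update(file_id)                             # first element of /ID
    if revision >= 4 and not encrypt_metadata:
        md5.update(b"\xff\xff\xff\xff")
    digest = md5.digest()
    if revision >= 3:
        for _ in range(50):                         # 50 re-hash rounds
            digest = hashlib.md5(digest[:n]).digest()
    return digest[:n]

# Constructed sample inputs (not taken from any real document).
SAMPLE_O = bytes(range(32))
SAMPLE_ID = bytes.fromhex("00112233445566778899aabbccddeeff")
SAMPLE_P = -3904

def demo():
    """Return keys for a 40-bit (R2) and a 128-bit (R3) configuration."""
    return {
        "R2/40": pdf_encryption_key(b"user", SAMPLE_O, SAMPLE_P, SAMPLE_ID,
                                    revision=2),
        "R3/128": pdf_encryption_key(b"user", SAMPLE_O, SAMPLE_P, SAMPLE_ID,
                                     revision=3, key_bits=128),
    }

if __name__ == "__main__":
    for label, key in demo().items():
        print(label, key.hex())
```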