[chrony-dev] Support for another crypto hash?

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-dev Archives ]


Hi,

currently the only supported hash for NTP and the chrony cmdmon
protocol is MD5. I'm not sure if the known MD5 weaknesses apply to the
used MAC, but even if they don't I think it would be good to
add support for a stronger hash function.

One way would be to pick one and include a code which implements it
and has a compatible license, similarly to the MD5 code. Would SHA256
be a good candidate?

Another way would be to use a crypto library like nss (we can't use
openssl as it's not compatible with GPL) and allow user to select any
hash supported by the library. 

What do you think?

-- 
Miroslav Lichvar

---
To unsubscribe email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "unsubscribe" in the subject.
For help email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.


Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/