Author yolanda.robla
Recipients bkabrda, christian.heimes, dholth, dmalcolm, doughellmann, icordasc, jpokorny, lukecarrier, pitrou, rbcollins, rpetrov, yolanda.robla
Date 2017-01-18.08:24:07
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1484727847.96.0.653110074013.issue9216@psf.upfronthosting.co.za>
In-reply-to
Content
@rbtcollins, even if we go with a FIPS aware module, we'd still need to detect if md5 was used for security purposes.
If we build a system that detects FIPS enablement, call md5 say ... for generating a password, and then the python fips_md5 call is masking it, we'd be breaking FIPS rules.
I still see the point of the used_for_security flag. Maybe reverting the flag, set used_for_security to False because the normal usage of md5 shall be for hashes and non security stuff?
History
Date User Action Args
2017-01-18 08:24:08yolanda.roblasetrecipients: + yolanda.robla, pitrou, christian.heimes, rbcollins, rpetrov, doughellmann, dmalcolm, dholth, jpokorny, bkabrda, lukecarrier, icordasc
2017-01-18 08:24:07yolanda.roblasetmessageid: <1484727847.96.0.653110074013.issue9216@psf.upfronthosting.co.za>
2017-01-18 08:24:07yolanda.roblalinkissue9216 messages
2017-01-18 08:24:07yolanda.roblacreate