[jitsi-dev] [jitsi] MD5 for certificate fingerprint (#173)


#1

When displaying fingerprint for SSL certificate both MD5 and SHA-1 fingerprints are displayed. Don't display the MD5 fingerprint because MD5 as used in SSL certificates is not secure.
https://en.wikipedia.org/wiki/MD5
https://www.win.tue.nl/hashclash/rogue-ca/

Also please SHA-256 fingerprint as SHA-1 is showing weaknesses and should be phased out.
https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/

···

---
Reply to this email directly or view it on GitHub:
https://github.com/jitsi/jitsi/issues/173


#2

Closed #173 via 789022ba3b63f6befecc9bdab4fd9d47038e9743.

···

---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/jitsi/jitsi/issues/173#event-725218898