Complete session digest migration from SHA1 to SHA256
Open, LowPublic
Actions

Assigned To

Authored By

	epriestley
	Dec 13 2018, 6:42 PM

Description

In T12509, we moved away from HMAC-SHA1 for new code. One older workflow still using HMAC-SHA1 is session digests.

In connection with T13222, I'm upgrading these to HMAC-SHA256, but leaving some SHA1 code for compatibility. This should be removed after a reasonable period of time elapses (removing the compatibility code too quickly will log everyone out).

Revisions and Commits

rP Phabricator
	D19883	rP1d34238dc945 Upgrade sessions digests to HMAC256, retaining compatibility with old digests

Related Objects
Search...

		Status	Assigned	Task
		Open	epriestley	T12509 Plan the path forward from HMAC-SHA1
		Open	epriestley	T13225 Complete session digest migration from SHA1 to SHA256

Event Timeline

epriestley triaged this task as Low priority.Dec 13 2018, 6:42 PM

epriestley created this task.

Herald added subscribers: amckinley, cburroughs, andypuettmann, revi. · View Herald TranscriptDec 13 2018, 6:42 PM

epriestley added a revision: D19883: Upgrade sessions digests to HMAC256, retaining compatibility with old digests.Dec 13 2018, 7:31 PM

epriestley added a commit: rP1d34238dc945: Upgrade sessions digests to HMAC256, retaining compatibility with old digests.Dec 14 2018, 12:15 AM

Complete session digest migration from SHA1 to SHA256Open, LowPublicActions

Description

Revisions and Commits

Related ObjectsSearch...

Event Timeline

Complete session digest migration from SHA1 to SHA256
Open, LowPublic
Actions

Related Objects
Search...