https://bugzilla.suse.com/show_bug.cgi?id=1209053 https://bugzilla.suse.com/show_bug.cgi?id=1209053#c13 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags|needinfo?(otto.hollmann@sus | |e.com) | --- Comment #13 from Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com> --- Created attachment 875923 --> https://bugzilla.suse.com/attachment.cgi?id=875923&action=edit Digests check in last Factory version Hello, all. I just took over maintainership of openssl from Otto. We are in the middle of the FIPS certification round for SP6 and I run a test over all the digest algos in both Factory and SP6 and all that should be blocked is already blocked. See the attached file. Note that sha1 is still allowed until the end of 2030, see [0]. For sha1, we are implementing a way to disable it via crypto-policies and we will ask the certifying laboratory to document that in the FIPS security policy. Please, could you verify this on your end? TIA [0] https://csrc.nist.gov/news/2022/nist-transitioning-away-from-sha-1-for-all-a... -- You are receiving this mail because: You are on the CC list for the bug.