Home > mailing lists

Re: scram-sha-256 broken with FIPS and OpenSSL 1.0.2 - Mailing list pgsql-hackers

From	Bruce Momjian
Subject	Re: scram-sha-256 broken with FIPS and OpenSSL 1.0.2
Date	September 25, 2020 22:39:13
Msg-id	20200925193913.GC7199@momjian.us Whole thread Raw
In response to	Re: scram-sha-256 broken with FIPS and OpenSSL 1.0.2 (John Scalia <jayknowsunix@gmail.com>)
Responses	Re: scram-sha-256 broken with FIPS and OpenSSL 1.0.2 (John Scalia <jayknowsunix@gmail.com>)
List	pgsql-hackers

Tree view

On Fri, Sep 25, 2020 at 03:38:22PM -0400, John Scalia wrote:
> Bruce,
> 
>  In my experience, any client is permitted to connect to FIPS140-2 compliant server. I set this up when I worked at
SSA,at management’s request.
 

My question is whether the hash output would match if using different
code.

-- 
  Bruce Momjian  <bruce@momjian.us>        https://momjian.us
  EnterpriseDB                             https://enterprisedb.com

  The usefulness of a cup is in its emptiness, Bruce Lee

pgsql-hackers by date:

From: John Scalia
Date: 25 September 2020, 22:38:22
Subject: Re: scram-sha-256 broken with FIPS and OpenSSL 1.0.2

From: John Scalia
Date: 25 September 2020, 22:48:16
Subject: Re: scram-sha-256 broken with FIPS and OpenSSL 1.0.2

Re: scram-sha-256 broken with FIPS and OpenSSL 1.0.2 - Mailing list pgsql-hackers

Previous

Next