Change Details

T5244 was the task for old FIPS 140, and the topic was MD5. We introduced `.disabled` but its use has been inconsistent (yet), or we have discrepancy in its documentation. Let us clarify things for non-approved digest algo(s) are supported, and how it is ensured only approved digest algo(s) are in use in signature computation when FIPS enabled. Note that SHA-1 is special. It's use for hashing is OK, but not for (internal) hashing at signature computation.

T5244 was the task for old FIPS 140, and the topic was MD5. We introduced `.disabled` but its use has been inconsistent (yet), or we have discrepancy in its documentation. Let us clarify things for non-approved digest algo(s) are supported, and how it is ensured only approved digest algo(s) are in use in signature computation when FIPS enabled. Note that SHA-1 is special. Its use for hashing is OK, but not for (internal) hashing at signature computation.

T5244 was the task for old FIPS 140, and the topic was MD5. We introduced `.disabled` but its use has been inconsistent (yet), or we have discrepancy in its documentation. Let us clarify things for non-approved digest algo(s) are supported, and how it is ensured only approved digest algo(s) are in use in signature computation when FIPS enabled. Note that SHA-1 is special. It's use for hashing is OK, but not for (internal) hashing at signature computation.