sha256 hashing

Liam Hoekenga liamr at
Fri May 30 09:21:42 EDT 2014

We're trying to work through an issue with a vendor re: the InCommon
mandated move from sha1 to sha256 hashing.

Their concern is that the signature algorithm used when signing our public
key is sha1, and have asked that we retest using a cert that's using sha256.

The instructions in the shib wiki don't mention having to reissue certs,
and we have other vendors who were able to use the sha256 configuration.

Is this vendor request needed / reasonable?  Is it a red herring?

-------------- next part --------------
An HTML attachment was scrubbed...

More information about the users mailing list