SHA-1 algorithm in xTalk?
David Bovill
david at openpartnership.net
Tue Nov 22 06:06:45 EST 2005
On 21 Nov 2005, at 21:58, Alessandro Manotti wrote:
> On 11/21/05, David Bovill <david at openpartnership.net> wrote:
>
>> The SSL libraries that RunRev uses should be able to do this - and I
>> would have thought considerably faster than a native and possibly
>> less secure Transcript implementation - no?
>
> What do you mean when you talk about "less secure"?
Minor point - to do with trusting the code. Standard open libraries
are trusted - what is to say that the Transcript code generating the
SHA-1 hash has not been subtly altered? What is the best way to
ensure this does not happen? An SHA-3 hash of the SHA-1 code :)
> If RunRev player implements sha-1, then in transcript one can manage
> certificates, etc... but without sha-1 algorithm....
Yes it would be cool - not really sure if in the case of SSL it is
better for the trust reasons hinted at above to keep the standard
open external or integrate into the engine proprietary code.
More information about the use-livecode
mailing list