nanog mailing list archives

RE: beware: being old sucks

From: Gary Sparkes via NANOG <nanog () lists nanog org>
Date: Mon, 1 Sep 2025 19:45:17 +0000

Indeed, I recall many years ago setting up SharePoint 2013, and in the environment it was, I had to get a waiver to 
bypass the FIPS compliance mode.

SharePoint uses it internally for fast search match/indexing, not for any cryptographically sensitive operations. 

It was a pain to justify, but that was in ~2015 even, where MD5 was considered a risk in those environments no matter 
the usage. 

Obviously, exceptions were allowed with valid justification. 

-----Original Message-----
From: Randy Bush via NANOG <nanog () lists nanog org> 
Sent: Monday, September 1, 2025 8:40 AM
To: Gary Sparkes via NANOG <nanog () lists nanog org>
Cc: Randy Bush <randy () psg com>
Subject: Re: beware: being old sucks

https://natmchugh.blogspot.com/2015/09/md5-collisions-in-ssh-keys.html


yes, md5 is well known to have collision problems.  in some uses, e.g.
bgpp-md5, it is less of a concenrn.  in this case, ssh, it is more of a problem.

randy
_______________________________________________
NANOG mailing list
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/ZUTBMV2VEA3ZVODNOFFN474A2DMEB7OL/
_______________________________________________
NANOG mailing list 
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/L5FU4S2AKOSJ4VPDWAQYD2U5LR2OQ5UA/

Current thread:

Re: beware: being old sucks Randy Bush via NANOG (Sep 01)
- RE: beware: being old sucks Gary Sparkes via NANOG (Sep 01)
- <Possible follow-ups>
- Re: beware: being old sucks Jeroen Wunnink via NANOG (Sep 02)