[wp-hackers] Rethinking check_admin_referer()

Doug Stewart dstewart at atl.lmco.com
Fri Apr 21 22:21:10 GMT 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Elliotte Harold wrote:
> 
> SHA-1 has recently begun to show weaknesses. For now they're probably
> not relevant for this use case, but attacks only get better with time.
> They never get worse. SHA-256, SHA-512, or Whirlpool might be better
> choices.
> 

Agreed, but last I checked, none of those had native PHP implementations.

- --
- ----------
Doug Stewart
Systems Administrator/Web Applications Developer
Lockheed Martin Advanced Technology Labs
dstewart at atl.lmco.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Red Hat - http://enigmail.mozdev.org

iD8DBQFESVrWN50Q8DVvcvkRAi3nAJ9XYrYpq5v2foZXbhj47GKDienAOACfWIbL
HOxirGqThVMjr/Kvdu+sRog=
=uzHh
-----END PGP SIGNATURE-----


More information about the wp-hackers mailing list