Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
2.6.2
-
None
-
All supported platforms
-
Moderate
Description
Due to the weakness of SHA1 algorithm, US National Institute of Standards and Technology (NIST) has recommended that SHA256 or higher algorithms be used. Using SHA256 is also required by Federal Information Processing Standard (FIPS).
Currently, there is no way to specify SHA256 Signature algorithms when signing a message part using Web services security.