Anthony, * Anthony Burden (anthony.d.burden.ctr@xxxxxxxx) wrote: > validate some software with you to > ensure that all our installed PostgreSQL software meets SHA-256 compliance. > There is basically two things we are looking for: > > 1) Identify all COTS software purchased as part of scheduled and budgeted > technology refreshes and upgrades must be SHA-256 compliant. > > 2) All DOD information systems that have been upgraded or are upgrading to > support SHA-256 compliance must continue to maintain backwards compatibility > with DOD's current SHA-1 credentials. > > All the software we are using are: > PostgreSQL 8.2 8.2 PostgreSQL is now at version 9.3, with 9.0 being the oldest version which is supported by PGDG (the PostgreSQL Global Development Group- aka the PostgreSQL community). Support for older versions may be available from PostgreSQL support vendors- a list of vendors in North America is available here: http://www.postgresql.org/support/professional_support/northamerica/ > Can you confirm that your software is SHA-256 Compliant? As mentioned elsewhere on the thread, if this question is about SHA-256 support in OpenSSL, you would need to check the OpenSSL library on your system. If the operating system you're running PostgreSQL on is as old as the version of PostgreSQL you're running then I would be quite worried that it does not support SHA-256. Generally, I'd recommend you look to upgrade to a version of your OS which includes a version of PostgreSQL which is currently considered supported by the PGDG (eg: Red Hat Enterprise Linux 7 includes PostgreSQL 9.2) and verify that the OpenSSL also supports SHA-256 (RHEL7 does). Thanks! Stephen
Attachment:
signature.asc
Description: Digital signature
