[DOCS-15079] Document the security non-implications of md5 usage in SCRAM-SHA-1 Created: 01/Feb/22 Updated: 13/Nov/23 Resolved: 15/Feb/22 |
|
| Status: | Closed |
| Project: | Documentation |
| Component/s: | manual, Server |
| Affects Version/s: | None |
| Fix Version/s: | 4.2.0, 4.4.0, 5.0.0, 5.2.0, 5.3.0, Server_Docs_20231030, Server_Docs_20231106, Server_Docs_20231105, Server_Docs_20231113 |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Bernie Hackett | Assignee: | Jason Price |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||
| Participants: | |||||
| Days since reply: | 1 year, 51 weeks, 1 day ago | ||||
| Epic Link: | DOCSP-11701 | ||||
| Story Points: | 3 | ||||
| Description |
|
We often get tickets like SECURITY-769 or https://docs.mongodb.com/upcoming/core/security-scram/ |
| Comments |
| Comment by Githook User [ 15/Feb/22 ] |
|
Author: {'name': 'jason-price-mongodb', 'email': '69260375+jason-price-mongodb@users.noreply.github.com', 'username': 'jason-price-mongodb'}Message: Co-authored-by: jason-price-mongodb <jshfjghsdfgjsdjh@aolsdjfhkjsdhfkjsdf.com> |
| Comment by Githook User [ 15/Feb/22 ] |
|
Author: {'name': 'jason-price-mongodb', 'email': '69260375+jason-price-mongodb@users.noreply.github.com', 'username': 'jason-price-mongodb'}Message: Docs 15079 md5 usage in scram sha 1 (#612) (#639)
Co-authored-by: jason-price-mongodb <jshfjghsdfgjsdjh@aolsdjfhkjsdhfkjsdf.com> Co-authored-by: jason-price-mongodb <jshfjghsdfgjsdjh@aolsdjfhkjsdhfkjsdf.com> |
| Comment by Githook User [ 15/Feb/22 ] |
|
Author: {'name': 'jason-price-mongodb', 'email': '69260375+jason-price-mongodb@users.noreply.github.com', 'username': 'jason-price-mongodb'}Message:
Co-authored-by: jason-price-mongodb <jshfjghsdfgjsdjh@aolsdjfhkjsdhfkjsdf.com>
Co-authored-by: jason-price-mongodb <jshfjghsdfgjsdjh@aolsdjfhkjsdhfkjsdf.com> |
| Comment by Githook User [ 15/Feb/22 ] |
|
Author: {'name': 'jason-price-mongodb', 'email': '69260375+jason-price-mongodb@users.noreply.github.com', 'username': 'jason-price-mongodb'}Message:
Co-authored-by: jason-price-mongodb <jshfjghsdfgjsdjh@aolsdjfhkjsdhfkjsdf.com>
Co-authored-by: jason-price-mongodb <jshfjghsdfgjsdjh@aolsdjfhkjsdhfkjsdf.com> |
| Comment by Githook User [ 12/Feb/22 ] |
|
Author: {'name': 'jason-price-mongodb', 'email': '69260375+jason-price-mongodb@users.noreply.github.com', 'username': 'jason-price-mongodb'}Message: Docs 15079 md5 usage in scram sha 1 (#626)
Co-authored-by: jason-price-mongodb <jshfjghsdfgjsdjh@aolsdjfhkjsdhfkjsdf.com>
Co-authored-by: jason-price-mongodb <jshfjghsdfgjsdjh@aolsdjfhkjsdhfkjsdf.com> |
| Comment by Githook User [ 12/Feb/22 ] |
|
Author: {'name': 'jason-price-mongodb', 'email': '69260375+jason-price-mongodb@users.noreply.github.com', 'username': 'jason-price-mongodb'}Message: Docs 15079 md5 usage in scram sha 1 (#612)
Co-authored-by: jason-price-mongodb <jshfjghsdfgjsdjh@aolsdjfhkjsdhfkjsdf.com> |
| Comment by James Kovacs [ 01/Feb/22 ] |
|
GridFS optionally uses MD5 hashes for stored files and we have a note in our docs that this is deprecated: |