Commit 3c55017b authored by Eric S. Raymond's avatar Eric S. Raymond
Browse files

Disambiguate "SHA".

parent ff875e20
......@@ -153,7 +153,7 @@ distribution can be freely exported.
If the OpenSSL cryptographic library is installed prior to building the
distribution, all message digest algorithms included in the library may
be used, including SHA and SHA1. However, if conformance to FIPS 140-2
be used, including SHA-0 and SHA1. However, if conformance to FIPS 140-2
is required, only a limited subset of these algorithms can be used. This
library is available from http://www.openssl.org and can be installed
using the procedures outlined in the link:build.html[Building and
......@@ -191,7 +191,7 @@ ID, to authenticate an association. The servers and clients involved
must agree on the key ID, key type and key to authenticate NTP packets.
The message digest is a cryptographic hash computed by an algorithm such
as MD5 or SHA. When authentication is specified, a message
as MD5 or SHA-1. When authentication is specified, a message
authentication code (MAC) is appended to the NTP packet header. The MAC
consists of a 32-bit key identifier (key ID) followed by a 128- or
160-bit message digest. The algorithm computes the digest as the hash of
......
......@@ -25,9 +25,9 @@
Specify the message digest algorithm, with default MD5. If the
OpenSSL library is installed, +digest+ can be be any message digest
algorithm supported by the library. The current selections are:
+MD2+, +MD4+, +MD5,+ +MDC2+, +RIPEMD160+, +SHA+ and +SHA1+.
+MD2+, +MD4+, +MD5,+ +MDC2+, +RIPEMD160+, +SHA-0+ and +SHA1+.
Note: If compliance with FIPS 140-2 is required, the algorithm
must be ether +SHA+ or +SHA1+.
must be ether +SHA-0+ or +SHA1+.
+gqpar+ _file_;;
Specifies the location of the optional GQ parameters file. This
overrides the link _ntpkey_gq_hostname_ in the keys directory.
......
......@@ -16,7 +16,7 @@ cryptography.
The program produces a file containing ten pseudo-random printable
ASCII strings suitable for the MD5 message digest algorithm included
in the distribution. It also produces an additional ten hex-encoded
random bit strings suitable for the SHA1 and other message digest
random bit strings suitable for the SHA-1 and other message digest
algorithms. The message digest keys file must be distributed and
stored using secure means beyond the scope of NTP itself. Besides
the keys used for ordinary NTP associations, additional keys can be
......@@ -115,7 +115,7 @@ format:
|====================================================================
|Field | Meaning
|keyno | Positive integer in the range 1-65,535
|type | MD5 or SHA1 , type of key
|type | MD5 or SHA-1 , type of key
|key | the actual key, printable ASCII
|====================================================================
......
......@@ -163,7 +163,7 @@ following.
Specify the digest algorithm to use for authenticated requests, with
default +MD5+. If the OpenSSL library is installed, digest can be
any message digest algorithm supported by the library. The current
selections are: +MD2+, +MD4+, +MD5+, +MDC2+, +RIPEMD160+, +SHA+ and
selections are: +MD2+, +MD4+, +MD5+, +MDC2+, +RIPEMD160+, +SHA-0+ and
+SHA1+.
+ntpversion 1 | 2 | 3 | 4+::
......
......@@ -45,7 +45,7 @@ OpenSSL library must be `MD5` to designate the MD5 message digest
algorithm. If the OpenSSL library is installed, the key type can be any
message digest algorithm supported by that library. However, if
compatibility with FIPS 140-2 is required, the key type must be either
`SHA` or `SHA1`. The key type can be changed using an ASCII text editor.
`SHA-0` or `SHA1`. The key type can be changed using an ASCII text editor.
An MD5 key consists of a printable ASCII string less than or equal to 16
characters and terminated by whitespace or a # character. An OpenSSL key
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment