Subject: OpenSSL Hashes
To: None <current-users@netbsd.org>
From: Evaldo Gardenali <evaldo@gardenali.biz>
List: current-users
Date: 08/24/2006 15:52:04
Hi!
I am running NetBSD 4.99.1 here.
The SHA2 family of functions is now required for security-demanding
systems, as SHA1 is not Pareto-secure[1] anymore. I am happy to see that
the NetBSD base comes with 0.9.8* now, but at the same time, I wonder
WHY the sha2 functions are not included. Specifically speaking, SHA256,
SHA384 and SHA512 algorithms. It would be of crucial importance that
these algorithms are released with 4.0 too, and maybe even 3.1, if we
want to keep playing in high-security environments.
$ uname -a
NetBSD winston.XXX.YYY 4.99.1 NetBSD 4.99.1 (WINSTON) #1: Tue Aug 22 13:41:26 BRT 2006 root@winston.XXX.YYY:/usr/src/sys/arch/i386/compile/WINSTON i386
$ openssl version
OpenSSL 0.9.8b 04 May 2006
$ openssl help
<snip>
Message Digest commands (see the `dgst' command for more details)
md2 md4 md5 rmd160 sha
sha1
<snip>
I built this system without any -V flag to build.sh, as I wanted to see
the defaults.
We at CAcert.org are moving towards SHA2 algorithms, and we are
researching which systems support them already, for better integration [2].
References:
[1] http://iang.org/papers/pareto-secure.html
[2] http://wiki.cacert.org/wiki/HashInterop