Help home
Help home

Weak Digest Algorithms IT policy rule

Description

This rule specifies the digest algorithms that a BlackBerry device considers weak. The device uses the list of weak digest algorithms to verify the following data:

  • Algorithms that are used to digitally sign email messages that the device receives are strong enough
  • Certificate chains for the certificates that are used to sign email messages that the device receives are strong enough
  • Certificates that are presented to the device from web pages that use HTTPS are strong enough

If you set this rule, you can prevent the user from sending an S/MIME-encrypted message or PGP encrypted message using a certificate or key that has a corresponding public key that is weak. If you set this rule for any digest algorithm, the device considers the algorithm weak in all cases.

You cannot specify SHA-384 and SHA-512 as weak algorithms.

Possible values
  • MD2
  • MD4
  • MD5
  • RIPEMD128
  • RIPEMD16
  • SHA
  • SHA224
  • SHA256

Default value
  • Null value

Minimum requirements
  • BlackBerry Device Software 4.3

Rule introduction
  • BlackBerry Enterprise Server 4.1 SP5
Last updated: 2012-09-17
©2012 Research In Motion Limited. All Rights Reserved.