[Top] [All Lists]

Re: Further MD5 breaks: Creating a rogue CA certificate

2008-12-30 17:10:59


If the IETF feels that adding randomization to signatures is important, we should define randomized signature functions. We could start with NIST Draft SP 800-106 (<>). However, I think that doing so is sending the wrong message: we should instead be encouraging the use of non-broken hash functions.

This is a very different thing than a BCP that the recommends that the certificate serial number include some random bits.