Re: Further MD5 breaks: Creating a rogue CA certificate

ietf-smime

Re: Further MD5 breaks: Creating a rogue CA certificate

2008-12-31 10:01:06

Russ Housley wrote:

I'm not sure I understand the issue here, but
they don't actually have to be totally randomized. You could use a
PRF so they were predictable to the CA.
That works. This works too: the serial number could be composed oftwo parts, where the most significant bits are a counter and theleast significant bits are randomly generated.


How would Corestreet's miniCRL format fare under this?

-- Tim

smime.p7s
Description: S/MIME Cryptographic Signature

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [saag] Further MD5 breaks: Creating a rogue CA certificate, (continued) Re: [saag] Further MD5 breaks: Creating a rogue CA certificate, Yoav Nir RE: [saag] Further MD5 breaks: Creating a rogue CA certificate, Santosh Chokhani Message not available Re: [saag] Further MD5 breaks: Creating a rogue CA certificate, Russ Housley Message not available Re: [saag] Further MD5 breaks: Creating a rogue CA certificate, Scott Rea RE: [saag] Further MD5 breaks: Creating a rogue CA certificate, Santosh Chokhani Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CA certificate, Eric Rescorla Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CA certificate, Timothy J. Miller Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CA certificate, Eric Rescorla Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CA certificate, Eric Rescorla Re: Further MD5 breaks: Creating a rogue CA certificate, Russ Housley Re: Further MD5 breaks: Creating a rogue CA certificate, Timothy J. Miller <= RE: Further MD5 breaks: Creating a rogue CA certificate, Santosh Chokhani Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CA certificate, Blake Ramsdell Re: Further MD5 breaks: Creating a rogue CA certificate, Hugo Krawczyk Re: Further MD5 breaks: Creating a rogue CA certificate, Russ Housley Message not available Re: [saag] [Cfrg] Further MD5 breaks: Creating a rogue CA certificate, Jeffrey Hutzelman Re: [saag] [Cfrg] Further MD5 breaks: Creating a rogue CA certificate, Nicolas Williams Re: [saag] [Cfrg] Further MD5 breaks: Creating a rogue CA certificate, Jeffrey Hutzelman RE: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate, Santosh Chokhani

Previous by Date:	RE: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate, Santosh Chokhani
Next by Date:	Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CA certificate, Eric Rescorla
Previous by Thread:	Re: Further MD5 breaks: Creating a rogue CA certificate, Russ Housley
Next by Thread:	RE: Further MD5 breaks: Creating a rogue CA certificate, Santosh Chokhani
Indexes:	[Date] [Thread] [Top] [All Lists]