Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate

ietf-smime

Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate

2008-12-31 10:29:33

Santosh Chokhani wrote:

One would think we want to start using SHA-1 or even SHA256 (assuming
client vendors implement SHA256 ASAP) and ask the CAs emanating from
commercial roots to perform responsible I&A before issuing certificates.

Speaking of I&A, I found it interesting to note that the CA/Browserforum guidelines for EV certs allows (but recommends against) MD5 until2010.

The spot check of EV issuers I did yesterday didn't turn up anyoneactually using MD5, but I didn't have all of 'em available.


-- Tim

smime.p7s
Description: S/MIME Cryptographic Signature

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [saag] Further MD5 breaks: Creating a rogue CA certificate, Jeffrey Hutzelman Re: [saag] Further MD5 breaks: Creating a rogue CA certificate, Eric Rescorla Re: Further MD5 breaks: Creating a rogue CA certificate, Russ Housley Re: [saag] Further MD5 breaks: Creating a rogue CA certificate, Paul Hoffman Re: [saag] Further MD5 breaks: Creating a rogue CA certificate, RL 'Bob' Morgan RE: [saag] Further MD5 breaks: Creating a rogue CA certificate, Peter Hesse RE: [saag] Further MD5 breaks: Creating a rogue CA certificate, Santosh Chokhani Message not available Re: [saag] Further MD5 breaks: Creating a rogue CA certificate, Jeffrey Hutzelman RE: [saag] Further MD5 breaks: Creating a rogue CA certificate, Peter Gutmann RE: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate, Santosh Chokhani Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate, Timothy J. Miller <= RE: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate, Santosh Chokhani Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate, Mike Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate, Mike RE: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate, Santosh Chokhani Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate, Timothy J. Miller Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate, Dr Stephen Henson RE: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate, Santosh Chokhani Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate, Timothy J. Miller RE: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate, Santosh Chokhani Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate, Timothy J. Miller

Previous by Date:	RE: Further MD5 breaks: Creating a rogue CA certificate, Santosh Chokhani
Next by Date:	RE: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate, Santosh Chokhani
Previous by Thread:	RE: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate, Santosh Chokhani
Next by Thread:	RE: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate, Santosh Chokhani
Indexes:	[Date] [Thread] [Top] [All Lists]