ietf-smime
[Top] [All Lists]

RE: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate

2008-12-31 10:31:29

We are simply not vigilant enough.  This issue has been on our plate
since 2004.

SHA-1 is next and neither the client side vendors nor the big
Enterprises have pushed to move to SHA-256.

-----Original Message-----
From: Timothy J. Miller [mailto:tmiller(_at_)mitre(_dot_)org] 
Sent: Wednesday, December 31, 2008 10:18 AM
To: Santosh Chokhani
Cc: ietf-pkix(_at_)imc(_dot_)org; ietf-smime(_at_)imc(_dot_)org; 
cfrg(_at_)irtf(_dot_)org; saag(_at_)ietf(_dot_)org
Subject: Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue
CAcertificate

Santosh Chokhani wrote:
One would think we want to start using SHA-1 or even SHA256 (assuming
client vendors implement SHA256 ASAP) and ask the CAs emanating from
commercial roots to perform responsible I&A before issuing
certificates.

Speaking of I&A, I found it interesting to note that the CA/Browser 
forum guidelines for EV certs allows (but recommends against) MD5 until 
2010.

The spot check of EV issuers I did yesterday didn't turn up anyone 
actually using MD5, but I didn't have all of 'em available.

-- Tim

<Prev in Thread] Current Thread [Next in Thread>