Colleagues - It has been confirmed that no EV issuer is signing certificates
with MD5. Also, EV certificates cannot be issued by an automated process,
putting another obstacle in the path of an attacker. All the best. Tim.
Tim Moses
+1 613 270 3183
-----Original Message-----
From: owner-ietf-smime@mail.imc.org [mailto:owner-ietf-smime@mail.imc.org] On Behalf Of Timothy J. Miller
Sent: Wednesday, December 31, 2008 10:18 AM
To: Santosh Chokhani
Cc: ietf-pkix@imc.org; ietf-smime@imc.org; cfrg@irtf.org; saag@ietf.org
Subject: Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CA certificate
Santosh Chokhani wrote:
> One would think we want to start using SHA-1 or even SHA256 (assuming
> client vendors implement SHA256 ASAP) and ask the CAs emanating from
> commercial roots to perform responsible I&A before issuing certificates.
Speaking of I&A, I found it interesting to note that the CA/Browser forum
guidelines for EV certs allows (but recommends against) MD5 until 2010.
The spot check of EV issuers I did yesterday didn't turn up anyone actually
using MD5, but I didn't have all of 'em available.
-- Tim
smime.p7s
Description: S/MIME cryptographic signature
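The "spot check" both Tims describe amounts to reading the signatureAlgorithm of each issuer's certificate and flagging the MD5-based OID. The following is an added example, not code from the thread or from any of the CAs or lists named in it: a minimal DER walker that pulls the outer signatureAlgorithm OID out of a DER-encoded X.509 certificate and reports md5WithRSAEncryption (or md2WithRSAEncryption) as weak. The `_der`/`_encode_oid`/`constructed_cert` helpers exist only to build a constructed, structurally valid certificate shell for the check to run against offline; the function names are my own and the sample is not a real certificate.

```python
# Added example, not from the mailing-list thread: a spot check for MD5-based
# signature algorithms in DER-encoded X.509 certificates, using a small
# hand-written DER walker (no third-party ASN.1 library required).

# Signature-algorithm OIDs the check flags. md5WithRSAEncryption is the one
# the rogue-CA collision work relies on.
WEAK_SIG_OIDS = {
    "1.2.840.113549.1.1.2": "md2WithRSAEncryption",
    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
}

SEQUENCE, OID, INTEGER, NULL, BIT_STRING = 0x30, 0x06, 0x02, 0x05, 0x03


def _read_tlv(buf, pos):
    """Read one DER tag-length-value at buf[pos]; return (tag, value, next_pos)."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("DER length runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length


def _decode_oid(value):
    """Decode the content octets of an OBJECT IDENTIFIER into dotted form."""
    arcs = [value[0] // 40, value[0] % 40]
    acc = 0
    for b in value[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:  # high bit clear: last base-128 digit of this arc
            arcs.append(acc)
            acc = 0
    return ".".join(str(a) for a in arcs)


def signature_algorithm_oid(cert_der):
    """Return the dotted OID from the outer signatureAlgorithm of a Certificate.

    Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }
    """
    tag, body, _ = _read_tlv(cert_der, 0)
    if tag != SEQUENCE:
        raise ValueError("not a DER SEQUENCE")
    _, _, pos = _read_tlv(body, 0)          # skip tbsCertificate
    tag, alg_id, _ = _read_tlv(body, pos)   # AlgorithmIdentifier SEQUENCE
    if tag != SEQUENCE:
        raise ValueError("malformed signatureAlgorithm")
    tag, oid, _ = _read_tlv(alg_id, 0)
    if tag != OID:
        raise ValueError("signatureAlgorithm does not start with an OID")
    return _decode_oid(oid)


def check_cert(cert_der):
    """Return (ok, description); ok is False when the signature uses a weak digest."""
    oid = signature_algorithm_oid(cert_der)
    if oid in WEAK_SIG_OIDS:
        return False, WEAK_SIG_OIDS[oid]
    return True, oid


# --- Constructed sample input (hypothetical, not a real certificate) --------

def _der(tag, content):
    """Encode one DER TLV with a short- or long-form length."""
    n = len(content)
    if n < 0x80:
        length = bytes([n])
    else:
        lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(lb)]) + lb
    return bytes([tag]) + length + content


def _encode_oid(dotted):
    """Encode a dotted OID into DER content octets (base-128 arcs)."""
    arcs = [int(a) for a in dotted.split(".")]
    out = bytes([arcs[0] * 40 + arcs[1]])
    for a in arcs[2:]:
        chunk = [a & 0x7F]
        a >>= 7
        while a:
            chunk.insert(0, 0x80 | (a & 0x7F))
            a >>= 7
        out += bytes(chunk)
    return out


def constructed_cert(sig_oid):
    """Build a parseable Certificate shell whose signatureAlgorithm is sig_oid.

    tbsCertificate holds only a serial number and signatureValue is zero-filled,
    so the result exercises the parser but cannot be verified as a real cert.
    """
    tbs = _der(SEQUENCE, _der(INTEGER, b"\x01"))
    alg = _der(SEQUENCE, _der(OID, _encode_oid(sig_oid)) + _der(NULL, b""))
    sig = _der(BIT_STRING, b"\x00" + bytes(16))
    return _der(SEQUENCE, tbs + alg + sig)


if __name__ == "__main__":
    for oid in ("1.2.840.113549.1.1.4", "1.2.840.113549.1.1.11"):
        ok, desc = check_cert(constructed_cert(oid))
        print("OK  " if ok else "WEAK", desc)
```

To run this against real issuer certificates, base64-decode the PEM body and pass the bytes to `check_cert`; for a full chain, apply it to every certificate, since an MD5-signed intermediate is exactly the case the rogue-CA result exploits even when the leaf itself is SHA-1 signed.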