Colleagues - It has been confirmed that no EV issuer is signing certificates
with MD5. Also, EV certificates cannot be issued by an automated process,
putting another obstacle in the path of an attacker. All the best. Tim.
+1 613 270 3183
From: [mailto:owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of Timothy J.
Sent: Wednesday, December 31, 2008 10:18 AM
To: Santosh Chokhani
Cc: ietf-pkix(_at_)imc(_dot_)org; ietf-smime(_at_)imc(_dot_)org;
Subject: Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CA certificate
Santosh Chokhani wrote:
One would think we want to start using SHA-1 or even SHA256 (assuming
client vendors implement SHA256 ASAP) and ask the CAs emanating from
commercial roots to perform responsible I&A before issuing certificates.
Speaking of I&A, I found it interesting to note that the CA/Browser forum
guidelines for EV certs allow (but recommend against) MD5 until 2010.
The spot check of EV issuers I did yesterday didn't turn up anyone actually
using MD5, but I didn't have all of 'em available.
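The spot check described above, written out as an added example that is not part of the thread: a minimal DER walk that reads Certificate.signatureAlgorithm (RFC 5280 section 4.1) and flags MD5-based OIDs across a chain. The helper names and the two-certificate sample chain are constructed here (empty TBSCertificate, dummy signature); in practice the DER bytes would come from a TLS handshake or a saved certificate file.

```python
MD5_SIGNATURE_OIDS = {                      # Certificate.signatureAlgorithm OIDs
    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
    "1.3.14.3.2.3": "md5WithRSA",
}

def _read_tlv(buf, pos):
    """Parse one DER tag-length-value at pos -> (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long-form length (real certs)
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def _decode_oid(value):
    """Decode DER OBJECT IDENTIFIER contents into dotted form."""
    arcs, acc = [str(value[0] // 40), str(value[0] % 40)], 0
    for b in value[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(str(acc))
            acc = 0
    return ".".join(arcs)

def signature_algorithm_oid(cert_der):
    """Return the dotted OID in Certificate.signatureAlgorithm (RFC 5280 4.1)."""
    tag, cert, _ = _read_tlv(cert_der, 0)
    _, _tbs, pos = _read_tlv(cert, 0)       # skip tbsCertificate
    tag2, alg_id, _ = _read_tlv(cert, pos)  # signatureAlgorithm
    tag3, oid, _ = _read_tlv(alg_id, 0)     # AlgorithmIdentifier.algorithm
    if (tag, tag2, tag3) != (0x30, 0x30, 0x06):
        raise ValueError("malformed Certificate/signatureAlgorithm")
    return _decode_oid(oid)

def md5_signed_certs(chain):
    """[(index, algorithm name)] for each DER cert in chain signed over MD5."""
    oids = [signature_algorithm_oid(der) for der in chain]
    return [(i, MD5_SIGNATURE_OIDS[o]) for i, o in enumerate(oids) if o in MD5_SIGNATURE_OIDS]

def _tlv(tag, value):
    """Short-form DER encoder, only for the constructed samples below."""
    return bytes([tag, len(value)]) + value

def constructed_cert(alg_oid_bytes):
    """Constructed stand-in, not a real certificate: empty TBSCertificate,
    the given AlgorithmIdentifier with NULL params, dummy BIT STRING signature."""
    alg = _tlv(0x30, _tlv(0x06, alg_oid_bytes) + _tlv(0x05, b""))
    return _tlv(0x30, _tlv(0x30, b"") + alg + _tlv(0x03, b"\x00" * 17))

SAMPLE_CHAIN = [constructed_cert(bytes.fromhex("2a864886f70d010105")),   # sha1WithRSAEncryption
                constructed_cert(bytes.fromhex("2a864886f70d010104"))]   # md5WithRSAEncryption
```

Running `md5_signed_certs(SAMPLE_CHAIN)` flags only the second certificate; the same call over a real chain pulled from a server shows whether any issuer in the path still signs with MD5.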