ietf-smime
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate

2008-12-31 12:15:43
from [Mike] [Permanent Link] 


We are simply not vigilant enough.  This issue has been on our plate
since 2004.

SHA-1 is next and neither the client side vendors nor the big
Enterprises have pushed to move to SHA-256.


There is a simple fix -- a CA can just reorder the extensions prior
to issuing a certificate.

Mike
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate, Tim Moses
Next by Date:  Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate, Mike
Previous by Thread:  RE: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate, Santosh Chokhani
Next by Thread:  Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate, Mike
Indexes:  [Date] [Thread] [Top] [All Lists]