I am a bit concerned about random goo when random goo is one of the
things the attacker uses to cause collision. This may limit human or
machine's ability to discern mischief.
-----Original Message-----
From: owner-ietf-pkix(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-pkix(_at_)mail(_dot_)imc(_dot_)org]
On Behalf Of Dr Stephen Henson
Sent: Wednesday, December 31, 2008 1:12 PM
To: ietf-pkix(_at_)imc(_dot_)org
Cc: ietf-smime(_at_)imc(_dot_)org; cfrg(_at_)irtf(_dot_)org;
saag(_at_)ietf(_dot_)org
Subject: Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue
CAcertificate
Mike wrote:
I sent my last message a bit too hastily. Other ideas that I was
contemplating should have been mentioned including:
- remove any unrecognized extensions
- remove tumors
Those could potentially cause problems if for some reason they were
actually needed. This one, though, shouldn't cause trouble:
- add a private EKU with a random number (or two) in the OID
That would not mess up the serial number scheme in use or modify the
subject name as has been suggested.
Or add a non-critical extension with some randomness in it...
Steve.
--
Dr Stephen N. Henson.
Core developer of the OpenSSL project: http://www.openssl.org/
Freelance consultant see: http://www.drh-consultancy.co.uk/
Email: shenson(_at_)drh-consultancy(_dot_)co(_dot_)uk, PGP key: via homepage.