I am a bit concerned about random goo when random goo is one of the
things the attacker uses to cause a collision. This may limit a human's
or machine's ability to discern mischief.

On Behalf Of Dr Stephen Henson
Sent: Wednesday, December 31, 2008 1:12 PM
Cc: ietf-smime(_at_)imc(_dot_)org; cfrg(_at_)irtf(_dot_)org;
Subject: Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue

I sent my last message a bit too hastily. Other ideas that I was
contemplating should have been mentioned including:
- remove any unrecognized extensions
- remove tumors
Those could potentially cause problems if for some reason they were
actually needed. This one, though, shouldn't cause trouble:
- add a private EKU with a random number (or two) in the OID
That would not mess up the serial number scheme in use or modify the
subject name as has been suggested.
Or add a non-critical extension with some randomness in it...
Dr Stephen N. Henson.
Core developer of the OpenSSL project: http://www.openssl.org/
Freelance consultant see: http://www.drh-consultancy.co.uk/
Email: shenson(_at_)drh-consultancy(_dot_)co(_dot_)uk, PGP key: via homepage.