ietf-smime

RE: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CA certificate

2008-12-31 14:06:56

You have some time there and work with client vendors to implement
SHA-256 and next generation SHA.

I would support a random value extension if clients checked for it.

-----Original Message-----
From: Timothy J. Miller [mailto:tmiller(_at_)mitre(_dot_)org] 
Sent: Wednesday, December 31, 2008 1:54 PM
To: Santosh Chokhani
Cc: Dr Stephen Henson; ietf-pkix(_at_)imc(_dot_)org; ietf-smime(_at_)imc(_dot_)org; cfrg(_at_)irtf(_dot_)org; saag(_at_)ietf(_dot_)org
Subject: Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CA certificate

Santosh Chokhani wrote:

> So, if you are relying on CAs, why not ask them to switch to SHA-1 as
> opposed to adding more software to the CA.  SHA-1 is purely a
> configuration item for the CA deployments.

Because someday SHA-1 (and SHA-2, or any hash algorithm) may be subject 
to a similar collision generation attack, and the presence of 
unpredictable data in the cert will defeat it as well.

Just trying to be proactive here.

-- Tim
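
Added example, not part of the original message or thread: a toy model of why CA-chosen unpredictable bytes placed ahead of the requester's data defeat a collision prepared in advance. SHA-256 truncated to 32 bits stands in for a hash with feasible collisions; the 8-byte prefix layout and all names are assumptions made for illustration.

```python
import hashlib
import secrets
import struct


def toy_digest(data, nbytes=4):
    # Constructed weak hash: SHA-256 cut to 32 bits so a birthday search is cheap.
    return hashlib.sha256(data).digest()[:nbytes]


def colliding_requests(prefix):
    """Birthday-search two distinct request bodies whose digests collide
    when hashed after `prefix` (the bytes the CA is expected to prepend)."""
    seen = {}
    counter = 0
    while True:
        body = b"subject-" + struct.pack(">Q", counter)  # constructed request data
        digest = toy_digest(prefix + body)
        if digest in seen:
            return seen[digest], body
        seen[digest] = body
        counter += 1


def signed_digests(ca_bytes, pair):
    # What the CA would actually sign for each body: H(ca_bytes || body).
    return tuple(toy_digest(ca_bytes + body) for body in pair)


def demo():
    """Return (collides_with_predictable_prefix, collides_with_random_prefix)."""
    predicted = struct.pack(">Q", 1001)        # e.g. a guessable sequential value
    pair = colliding_requests(predicted)       # work done before issuance
    same_a, same_b = signed_digests(predicted, pair)
    rand_a, rand_b = signed_digests(secrets.token_bytes(8), pair)  # CA adds entropy
    return same_a == same_b, rand_a == rand_b


if __name__ == "__main__":
    predictable, randomized = demo()
    print("collision survives predictable prefix:", predictable)
    print("collision survives random prefix:", randomized)
```

A signature over one digest transfers to the other body only when the two digests are equal, which here holds only if the prefix was known before the search; the random prefix breaks it regardless of which hash is in use.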
