ietf-smime

Re: [saag] [Cfrg] Further MD5 breaks: Creating a rogue CA certificate

2009-01-04 16:37:38

On Jan 4, 2009, at 9:11 PM, Paul Hoffman wrote:

At 9:02 AM +0200 1/4/09, Yoav Nir wrote:
Best we can do is to get the CAs to

(1) not issue MD5 certs anymore and
(2) randomize the serial number and/or
(3) add a random fluff extension that people are talking about

Just to repeat it one more time: #3 does not prevent the published attack.

It does if the random fluff is inserted by the CA. The attack depends on their ability to predict the entire TBS part.

But still, I don't see Microsoft removing a root CA because one of their sub-CAs is issuing non-compliant certificates.

It is hard to see Microsoft removing or adding CAs. If anyone knows of a public interface (mailing list, web site, whatever) for when this happens, by all means please let the world know.

I managed to find a page with their policy on adding new root CAs. Nothing there about removing old root CAs.

And if Microsoft don't, nobody else will. The Firefox/Opera/Safari/Chrome people don't want any sites that "only work with Explorer".

At least with respect to Firefox, I think that statement is false.

They've done quite a bit to render broken sites that were made for IE. Also, I've updated today and all the "bad" CAs with MD5 signatures are still in the TAS.

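An audit check for points (1) and (2) discussed in the thread, as an added example that is not part of the original message: it reads the serial number and signature algorithm from the TBS part of a DER certificate and flags MD5 signatures and short serials. The function names, the 64-bit threshold and the sample byte strings are assumptions made for this example.

```python
MD5_RSA = "1.2.840.113549.1.1.4"   # md5WithRSAEncryption
MIN_SERIAL_BITS = 64               # assumed threshold, not taken from the thread

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(body):
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)       # base-128, high bit = "more follows"
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

def audit(der):
    """Check the serialNumber and signature algorithm inside tbsCertificate."""
    _, cert, _ = read_tlv(der, 0)           # Certificate SEQUENCE
    _, tbs, _ = read_tlv(cert, 0)           # tbsCertificate SEQUENCE
    tag, val, pos = read_tlv(tbs, 0)
    if tag == 0xA0:                         # optional [0] version
        tag, val, pos = read_tlv(tbs, pos)
    if tag != 0x02:
        raise ValueError("expected INTEGER serialNumber")
    bits = int.from_bytes(val, "big").bit_length()
    _, alg, _ = read_tlv(tbs, pos)          # signature AlgorithmIdentifier
    oid = decode_oid(read_tlv(alg, 0)[1])
    checks = {"md5-signature": oid == MD5_RSA, "short-serial": bits < MIN_SERIAL_BITS}
    return {"serial_bits": bits, "sig_oid": oid, "findings": [k for k, hit in checks.items() if hit]}

# Constructed skeletons (version, serial, algorithm only); not real certificates.
def _tlv(tag, body):
    return bytes([tag, len(body)]) + body   # short-form lengths suffice here

def _skeleton(serial_bytes, oid_hex):
    alg = _tlv(0x30, _tlv(0x06, bytes.fromhex(oid_hex)) + _tlv(0x05, b""))
    tbs = _tlv(0x30, _tlv(0xA0, _tlv(0x02, b"\x02")) + _tlv(0x02, serial_bytes) + alg)
    return _tlv(0x30, tbs)

WEAK = _skeleton(bytes.fromhex("0a2f41"), "2a864886f70d010104")
BETTER = _skeleton(bytes.fromhex("4b1c9e07d25a63f8a1b0c3d4"), "2a864886f70d01010b")
```

A long serial only shows there is room for randomness; whether the CA actually fills it unpredictably cannot be read off a single certificate.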
