On Jan 4, 2009, at 9:11 PM, Paul Hoffman wrote:
At 9:02 AM +0200 1/4/09, Yoav Nir wrote:
Best we can do is to get the CAs to
(1) not issue MD5 certs anymore and
(2) randomize the serial number and/or
(3) add a random fluff extension that people are talking about
Just to repeat it one more time: #3 does not prevent the published
attack.
It does if the random fluff is inserted by the CA. The attack depends
on their ability to predict the entire TBS part.
But still, I don't see Microsoft removing a root CA because one of
their sub-CAs is issuing non-compliant certificates.
It is hard to see Microsoft removing or adding CAs. If anyone knows
of a public interface (mailing list, web site, whatever) for when
this happens, by all means please let the world know.
I managed to find a page with their policy on adding new root CAs.
Nothing there about removing old root CAs.
And if Microsoft don't, nobody else will. The Firefox/Opera/Safari/
Chrome people don't want any sites that "only work with Explorer".
At least with respect to Firefox, I think that statement is false.
They've done quite a bit to render broken sites that were made for IE.
Also, I've updated today and all the "bad" CAs with MD5 signatures are
still in the TAS.
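Added example, not from this thread or from any CA's tooling: a minimal DER walker in Python that checks the two CA-side properties under discussion, the signature algorithm and the serial number, on a certificate's first TBS fields. The certificates it inspects are constructed in-line (only the fields the audit reads are present), and the 64-bit serial floor is this example's assumption.

```python
MD5_RSA = "1.2.840.113549.1.1.4"      # md5WithRSAEncryption
SHA256_RSA = "1.2.840.113549.1.1.11"  # sha256WithRSAEncryption

def tlv(tag, body):  # one DER tag-length-value; bodies here stay below 65536 bytes
    n = len(body)
    return bytes([tag]) + (bytes([n]) if n < 128 else b"\x82" + n.to_bytes(2, "big")) + body

def encode_oid(dotted):  # OBJECT IDENTIFIER: base-128 arcs, high bit set on all but last byte
    parts = [int(p) for p in dotted.split(".")]
    out = [40 * parts[0] + parts[1]]
    for p in parts[2:]:
        chunk = [p & 0x7F]
        while p > 127:
            p >>= 7
            chunk.insert(0, 0x80 | (p & 0x7F))
        out += chunk
    return tlv(0x06, bytes(out))

def read_tlv(buf, pos=0):  # -> (tag, body, position just after the element)
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:  # long-form length
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    return tag, buf[pos:pos + n], pos + n

def build_cert(serial, sig_oid):
    """Constructed stand-in for a Certificate: its TBS carries only version,
    serialNumber and the signature AlgorithmIdentifier, the fields audit() reads."""
    version = tlv(0xA0, tlv(0x02, b"\x02"))                       # [0] EXPLICIT v3
    ser = serial.to_bytes((serial.bit_length() + 8) // 8, "big")  # positive INTEGER
    alg = tlv(0x30, encode_oid(sig_oid) + b"\x05\x00")            # OID + NULL params
    tbs = tlv(0x30, version + tlv(0x02, ser) + alg)
    return tlv(0x30, tbs + alg + tlv(0x03, b"\x00" + b"\xAA" * 16))  # dummy signature

def audit(cert_der, min_serial_bits=64):
    """Flag an MD5 signature and a serial too short to carry CA-side randomness.
    The 64-bit floor is this example's assumption, not a value from the thread."""
    _, cert, _ = read_tlv(cert_der)
    _, tbs, _ = read_tlv(cert)
    tag, body, pos = read_tlv(tbs)
    if tag == 0xA0:  # optional [0] version precedes serialNumber
        tag, body, pos = read_tlv(tbs, pos)
    serial = int.from_bytes(body, "big", signed=True)
    _, alg, _ = read_tlv(tbs, pos)
    tag, oid_body, _ = read_tlv(alg)
    findings = []
    if tlv(tag, oid_body) == encode_oid(MD5_RSA):
        findings.append("md5-signature")
    if serial.bit_length() < min_serial_bits:
        findings.append("short-serial")
    return findings
```

Because a real certificate's TBS begins with the same three fields, `audit()` works unchanged on DER loaded from a file; the remaining TBS fields are simply never read.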