[Top] [All Lists]

Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt]

2010-06-10 12:33:53
On Thu, 10 Jun 2010, Simon Josefsson wrote:

A self-signed trust root with MD2 is not a security problem by itself:
it is not the digital signature that is trusted, it is the public key in
the certificate.  The MD2 roots are still shipped and trusted in several
modern packages (e.g., Ubuntu 10.04 LTS ca-certificates).

No, it absolutely *is* a security problem. Should someone develop a preimage attack on MD2, all they need do is move the (valid) MD2 signature to an intermediate cert with BasicConstraints CA=yes, and then they have themselves a CA.

smime mailing list

<Prev in Thread] Current Thread [Next in Thread>