Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt]

ietf-smime

Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt]

2010-06-10 12:33:53

On Thu, 10 Jun 2010, Simon Josefsson wrote:

A self-signed trust root with MD2 is not a security problem by itself:
it is not the digital signature that is trusted, it is the public key in
the certificate.  The MD2 roots are still shipped and trusted in several
modern packages (e.g., Ubuntu 10.04 LTS ca-certificates).

No, it absolutely *is* a security problem. Should someone develop apreimage attack on MD2, all they need do is move the (valid) MD2 signatureto an intermediate cert with BasicConstraints CA=yes, and then they havethemselves a CA.



--Len.
_______________________________________________
smime mailing list
smime(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/smime

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[smime] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Sean Turner Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Simon Josefsson Re: [smime] [Cfrg] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Peter Gutmann Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Simon Josefsson Re: [smime] [saag] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Joe Touch Re: [smime] [pkix] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Tom Gindin Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Sean Turner Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Simon Josefsson Re: [smime] [Cfrg] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Len Sassaman Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Simon Josefsson Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Len Sassaman <= Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Simon Josefsson Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Len Sassaman Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Simon Josefsson Re: [smime] [saag] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Santosh Chokhani Re: [smime] [Cfrg] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Peter Gutmann Re: [smime] [Cfrg] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Len Sassaman Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Dr Stephen Henson Re: [smime] [pkix] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Peter Gutmann Re: [smime] [saag] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], SM Re: [smime] [pkix] [saag] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Andrea Caccia

Previous by Date:	Re: [smime] [saag] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Joe Touch
Next by Date:	Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Len Sassaman
Previous by Thread:	Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Simon Josefsson
Next by Thread:	Re: [smime] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt], Simon Josefsson
Indexes:	[Date] [Thread] [Top] [All Lists]