"Certification Authorities are recommended to stop using MD5 altogether"

To: debian-security@lists.debian.org
Subject: "Certification Authorities are recommended to stop using MD5 altogether"
From: Cristian Ionescu-Idbohrn <cristian.ionescu-idbohrn@axis.com>
Date: Wed, 31 Dec 2008 02:39:53 +0100 (CET)
Message-id: <[🔎] 0812310232100.8102@somehost>
Reply-to: Cristian Ionescu-Idbohrn <cristian.ionescu-idbohrn@axis.com>

http://www.win.tue.nl/hashclash/rogue-ca/

Could some skilled person comment on the article?

I noticed around 20 certificates distributed with the package
ca-certificates have "Signature Algorithm: md5WithRSAEncryption".
Reason to worry?


Cheers,

-- 
Cristian

Reply to:

Follow-Ups:
- Re: "Certification Authorities are recommended to stop using MD5 altogether"
  - From: bgrpt3@toplitzer.net
- Re: "Certification Authorities are recommended to stop using MD5 altogether"
  - From: Florian Weimer <fw@deneb.enyo.de>

Prev by Date: felicitation!!!
Next by Date: Re: "Certification Authorities are recommended to stop using MD5 altogether"
Previous by thread: felicitation!!!
Next by thread: Re: "Certification Authorities are recommended to stop using MD5 altogether"
Index(es):
- Date
- Thread