Re: "Certification Authorities are recommended to stop using MD5 altogether"
* Cristian Ionescu-Idbohrn:
> I noticed around 20 certificates distributed with the package
> ca-certificates have "Signature Algorithm: md5WithRSAEncryption".
> Reason to worry?
These are self-signatures and typically not checked anyway. When
these CA certificates are used to issue other certificates, they can
use SHA-1, and are not restricted to MD5. (Same comment applies to
the certificates with MD2 self-signatures.)
Only the CA knows if it still issues certificates with MD5 signatures.