Re: "Certification Authorities are recommended to stop using MD5 altogether"

To: bgrpt3@toplitzer.net
Cc: debian-security@lists.debian.org
Subject: Re: "Certification Authorities are recommended to stop using MD5 altogether"
From: Micah Anderson <micah@riseup.net>
Date: Wed, 31 Dec 2008 14:15:18 -0500
Message-id: <[🔎] 20081231191518.GC6475@pond>
In-reply-to: <[🔎] 200812311052.41476.bgrpt3@toplitzer.net>
References: <[🔎] 0812310232100.8102@somehost> <[🔎] 200812311052.41476.bgrpt3@toplitzer.net>

* bgrpt3@toplitzer.net <bgrpt3@toplitzer.net> [2008-12-31 05:47-0500]:
> On Mittwoch, 31. Dezember 2008, Cristian Ionescu-Idbohrn wrote:
> > http://www.win.tue.nl/hashclash/rogue-ca/
> >
> > Could some skilled person comment on the article?
> >
> > I noticed around 20 certificates distributed with the package
> > ca-certificates have "Signature Algorithm: md5WithRSAEncryption".
> > Reason to worry?
> >
> 
> It is a problem. It's a reason to worry.
> But it is only one of many. 
> (They mentioned that in their presentation: It's a matter
> of trust :-) )
> Don't trust certificates too much.

Does anyone have a legitimate reason to trust any particular Certificate
Authority? 

micah

Attachment: signature.asc
Description: Digital signature

Reply to:

References:
- "Certification Authorities are recommended to stop using MD5 altogether"
  - From: Cristian Ionescu-Idbohrn <cristian.ionescu-idbohrn@axis.com>
- Re: "Certification Authorities are recommended to stop using MD5 altogether"
  - From: bgrpt3@toplitzer.net

Prev by Date: Re: "Certification Authorities are recommended to stop using MD5 altogether"
Next by Date: correspondance avec toi
Previous by thread: Re: "Certification Authorities are recommended to stop using MD5 altogether"
Next by thread: Re: "Certification Authorities are recommended to stop using MD5 altogether"
Index(es):
- Date
- Thread