Re: "Certification Authorities are recommended to stop using MD5 altogether"
Cristian Ionescu-Idbohrn wrote:
> Could some skilled person comment on the article?
> I noticed around 20 certificates distributed with the package
> ca-certificates have "Signature Algorithm: md5WithRSAEncryption".
> Reason to worry?
(I'm one of the authors of that research)
It's not entirely terrible (yet) that certificate authorities sign their
own certificate with MD5. If and when a second preimage attack becomes a
reality for MD5; it will be very bad news indeed...