Re: "Certification Authorities are recommended to stop using MD5 altogether"
Cristian Ionescu-Idbohrn wrote:
> http://www.win.tue.nl/hashclash/rogue-ca/
>
> Could some skilled person comment on the article?
>
> I noticed around 20 certificates distributed with the package
> ca-certificates have "Signature Algorithm: md5WithRSAEncryption".
> Reason to worry?
>
>
Hi,
(I'm one of the authors of that research)
It's not entirely terrible (yet) that certificate authorities sign their
own certificate with MD5. If and when a second preimage attack becomes a
reality for MD5; it will be very bad news indeed...
Best,
Jacob
Reply to: