Re: "Certification Authorities are recommended to stop using MD5 altogether"

Cristian Ionescu-Idbohrn wrote:
> http://www.win.tue.nl/hashclash/rogue-ca/
> Could some skilled person comment on the article?
> I noticed around 20 certificates distributed with the package
> ca-certificates have "Signature Algorithm: md5WithRSAEncryption".
> Reason to worry?


(I'm one of the authors of that research)

It's not entirely terrible (yet) that certificate authorities sign their
own certificate with MD5. If and when a second preimage attack becomes a
reality for MD5, it will be very bad news indeed...
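
An added example, not part of the original message: a small Python audit that lists certificates whose signature algorithm is MD5-based and separates a CA's self-signed certificate from one signed by a different issuer, the distinction the reply draws. The input format (text from `openssl x509 -noout -text`), the function name `audit`, and the sample certificates are assumptions constructed for illustration.

```python
import re

# Constructed sample: trimmed `openssl x509 -noout -text` output for three
# made-up certificates (names are placeholders, not real CAs).
SAMPLE = """\
Certificate:
    Data:
        Signature Algorithm: md5WithRSAEncryption
        Issuer: C=XX, O=Example Root CA
        Subject: C=XX, O=Example Root CA
Certificate:
    Data:
        Signature Algorithm: md5WithRSAEncryption
        Issuer: C=XX, O=Example Root CA
        Subject: C=XX, O=Example Issuing CA
Certificate:
    Data:
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=XX, O=Example Modern Root
        Subject: C=XX, O=Example Modern Root
"""

FIELD = re.compile(r"^\s*(Signature Algorithm|Issuer|Subject):\s*(.+?)\s*$", re.M)

def audit(dump):
    """Return (subject, algorithm, verdict) for each certificate in the dump."""
    results = []
    for block in re.split(r"^Certificate:[ \t]*$", dump, flags=re.M)[1:]:
        fields = {}
        for name, value in FIELD.findall(block):
            fields.setdefault(name, value)  # keep the first occurrence of each field
        alg = fields.get("Signature Algorithm", "unknown")
        subject = fields.get("Subject", "unknown")
        if not alg.lower().startswith("md5"):
            verdict = "not-md5"
        elif fields.get("Issuer") == subject:
            # Name match only: a heuristic for "self-signed", no signature check.
            verdict = "md5-self-signed"
        else:
            verdict = "md5-issued-by-other-ca"
        results.append((subject, alg, verdict))
    return results

if __name__ == "__main__":
    for subject, alg, verdict in audit(SAMPLE):
        print(f"{verdict:24} {alg:28} {subject}")
```
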


