Sam Morris <sam@robots.org.uk> writes: > Maybe in a few years, NSS will have disabled the use of MD5 and the > ancient MD2 algorithm. I wonder how many other insecure algorithms are > still lurking in NSS, OpenSSL, GNU TLS, Java, etc... In GnuTLS, we decided in 2005 that certificate signatures with MD5 should be rejected because MD5 was not a good hash function any more. /Simon