Re: "Certification Authorities are recommended to stop using MD5 altogether"

To: debian-security@lists.debian.org
Subject: Re: "Certification Authorities are recommended to stop using MD5 altogether"
From: Michael Stone <mstone@debian.org>
Date: Wed, 31 Dec 2008 19:03:52 -0500
Message-id: <[🔎] 20090101000349.GM3288@mathom.us>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <20081231191518.GC6475@pond>
References: <0812310232100.8102@somehost> <200812311052.41476.bgrpt3@toplitzer.net> <20081231191518.GC6475@pond>

On Wed, Dec 31, 2008 at 02:15:18PM -0500, Micah Anderson wrote:

Does anyone have a legitimate reason to trust any particular Certificate

Authority?

Of course--some charge *lots* of money, and we all know that expensivebits are better than cheap bits.


Mike Stone

Reply to: