Security by asking the drunk whether he's drunk
Sidney Markowitz
sidney at sidney.com
Tue Dec 30 16:21:11 EST 2008
Sidney Markowitz wrote, On 31/12/08 10:08 AM:
> or that CA root certs that use MD5 for their hash are
> still in use and have now been cracked?
I should remember -- morning coffee first, then post.
The CA root certs themselves have not been cracked -- It is the digital
signatures created by some CAs who still use MD5 to sign the certs that
they issue that have been hacked: The known weakness in MD5 allows one
to create two certs with the same MD5 hash, one that is legitimate to
get signed by the CA, and another one for rogue use that can be given
the same signature.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list