Tuesday, December 30, 2008

why were you using MD5 anyway?

Just published at the CCC (the 25C3 congress in Berlin) is a documented attack on PKIs whose CAs still sign certificates with the MD5 hash algorithm. The researchers used an MD5 chosen-prefix collision to obtain a legitimately issued end-entity certificate and a forged intermediate CA certificate that share the same MD5 digest, so the real CA's signature on the first is equally valid on the second, and the rogue CA can then sign a certificate for any site it likes. It's been known for some time that using MD5 is a mistake. Note where the weak link actually is: the signature a CA places on the certificates it issues, not a root's own self-signature, which is trusted by key rather than verified. Perhaps soon someone will build a browser plug-in to generically warn if any certificate in your trust chain is signed with MD5.
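The check such a plug-in would need, as an added example that is not code from the original post or from the researchers: walk a DER-encoded chain and flag every certificate whose signatureAlgorithm is md5WithRSAEncryption (or md2WithRSAEncryption). It uses only the Python standard library, with a small hand-written DER reader. The sample certificates are constructed stubs (a placeholder tbsCertificate and a fake signature), not real certificates; only the OID encodings are the real ones.

```python
# Added example (not from the original post): flag MD5/MD2-signed members of a
# DER-encoded X.509 chain using a minimal hand-rolled DER reader.
# The certificates built at the bottom are constructed stubs, not real certs.

# PKCS #1 signature-algorithm OIDs (RFC 3279 / RFC 4055).
SIG_OID_NAMES = {
    "1.2.840.113549.1.1.2": "md2WithRSAEncryption",
    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
    "1.2.840.113549.1.1.11": "sha256WithRSAEncryption",
}
WEAK_SIG_OIDS = {"1.2.840.113549.1.1.2", "1.2.840.113549.1.1.4"}


def _read_tlv(buf, pos):
    """Read one DER tag-length-value at buf[pos]; return (tag, value, next_pos)."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: next N bytes hold the length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length


def _decode_oid(content):
    """Decode DER OBJECT IDENTIFIER contents into dotted-decimal form."""
    parts = [str(content[0] // 40), str(content[0] % 40)]
    acc = 0
    for b in content[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:                   # a clear high bit ends a sub-identifier
            parts.append(str(acc))
            acc = 0
    return ".".join(parts)


def signature_algorithm_oid(cert_der):
    """Return the dotted OID of Certificate.signatureAlgorithm (RFC 5280 s4.1).

    Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }
    """
    tag, cert, _ = _read_tlv(cert_der, 0)
    if tag != 0x30:
        raise ValueError("certificate is not a DER SEQUENCE")
    _, _, pos = _read_tlv(cert, 0)                  # skip tbsCertificate
    tag, alg_id, _ = _read_tlv(cert, pos)           # AlgorithmIdentifier
    if tag != 0x30:
        raise ValueError("signatureAlgorithm is not a SEQUENCE")
    tag, oid, _ = _read_tlv(alg_id, 0)              # algorithm OBJECT IDENTIFIER
    if tag != 0x06:
        raise ValueError("AlgorithmIdentifier does not start with an OID")
    return _decode_oid(oid)


def md5_signed_certs(chain_der, include_root=False):
    """Return [(index, algorithm_name)] for chain members signed with MD5/MD2.

    chain_der is leaf first, root last. A self-signed root is trusted by its
    key, not by its own signature, so it is skipped unless include_root is set:
    what matters is what the CA above each certificate used to sign it.
    """
    certs = chain_der if include_root else chain_der[:-1]
    hits = []
    for i, der in enumerate(certs):
        oid = signature_algorithm_oid(der)
        if oid in WEAK_SIG_OIDS:
            hits.append((i, SIG_OID_NAMES[oid]))
    return hits


# --- constructed sample data (stubs, not real certificates) -------------------
def _der(tag, content):
    """Encode one DER TLV (short or long length form)."""
    n = len(content)
    if n < 0x80:
        length = bytes([n])
    else:
        lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(lb)]) + lb
    return bytes([tag]) + length + content


def _stub_cert(sig_oid_hex):
    """Certificate-shaped SEQUENCE: placeholder tbsCertificate, the given
    AlgorithmIdentifier (OID + NULL params), and a dummy BIT STRING signature."""
    tbs = _der(0x30, _der(0x02, b"\x01"))                        # placeholder body
    alg = _der(0x30, _der(0x06, bytes.fromhex(sig_oid_hex)) + _der(0x05, b""))
    sig = _der(0x03, b"\x00" + b"\xaa" * 8)                      # fake signature
    return _der(0x30, tbs + alg + sig)


MD5_RSA_HEX = "2a864886f70d010104"     # 1.2.840.113549.1.1.4
SHA256_RSA_HEX = "2a864886f70d01010b"  # 1.2.840.113549.1.1.11

LEAF = _stub_cert(SHA256_RSA_HEX)
INTERMEDIATE = _stub_cert(MD5_RSA_HEX)   # the weak link: an MD5-signed intermediate
ROOT = _stub_cert(MD5_RSA_HEX)           # root self-signature: irrelevant to trust
CHAIN = [LEAF, INTERMEDIATE, ROOT]

if __name__ == "__main__":
    print(md5_signed_certs(CHAIN))       # [(1, 'md5WithRSAEncryption')]
```

On a live connection the leaf DER comes from `ssl.SSLSocket.getpeercert(binary_form=True)`, and a PEM file converts with `ssl.PEM_cert_to_DER_cert`; feed the resulting chain, leaf first, to `md5_signed_certs`. The parser reads only the outer structure it needs and deliberately does not validate anything else, so it is a warning aid, not a replacement for the browser's chain validation.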

Here are the details in a well-written paper, MD5 considered harmful today: creating a rogue CA certificate.

Update: the estimable Ed Felten explains this issue in real-world terms: http://www.freedom-to-tinker.com/blog/felten/researchers-show-how-forge-site-certificates

