[cabfpub] iOS 8 list

Adam Langley agl at google.com
Wed Sep 24 14:38:29 UTC 2014

2014-09-24 7:10 GMT-07:00 <i-barreira at izenpe.net>:
> Still MD-2, MD-5? Roots with less than 1k length?

Extirpation of 1K RSA roots is, sadly, still an ongoing process.

The hash function used in the self-signature of the root is
immaterial. The self-signature is just there in order to make the root
fit the same format as other certificates. There's no security impact
to having an MD2 or MD5 signature on a root.



More information about the Public mailing list