[cabfpub] SHA-1 identical prefix collisions
Phillip Hallam-Baker
philliph at comodo.com
Sat Oct 10 18:10:17 MST 2015
Just a heads up that this is about to hit the wires and it is a public holiday on Monday in many parts of the US.
http://arstechnica.com/security/2015/10/sha1-crypto-algorithm-securing-internet-could-break-by-years-end/ <http://arstechnica.com/security/2015/10/sha1-crypto-algorithm-securing-internet-could-break-by-years-end/>
It really shouldn’t be cause for anyone to be alarmed. These attacks do not allow someone to forge a certificate or break TLS. Any CA that is following the guidelines on incorporating randomness will not be vulnerable even if the more powerful collision attacks are achieved.
This was anticipated and the phase out process is already in place.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20151010/7b0060b6/attachment.html
More information about the Public
mailing list