[cabfpub] SHA-1 identical prefix collisions

Phillip Hallam-Baker philliph at comodo.com
Sun Oct 11 01:10:17 UTC 2015

Just a heads up that this is about to hit the wires and it is a public holiday on Monday in many parts of the US.

http://arstechnica.com/security/2015/10/sha1-crypto-algorithm-securing-internet-could-break-by-years-end/ <http://arstechnica.com/security/2015/10/sha1-crypto-algorithm-securing-internet-could-break-by-years-end/>

It really shouldn’t be cause for anyone to be alarmed. These attacks do not allow someone to forge a certificate or break TLS. Any CA that is following the guidelines on incorporating randomness will not be vulnerable even if the more powerful collision attacks are achieved.

This was anticipated and the phase out process is already in place.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20151010/7b0060b6/attachment-0002.html>

More information about the Public mailing list