[cabfpub] Proposal of a SHA-1 exception procedure

Ryan Sleevi sleevi at google.com
Thu Jun 16 13:42:19 MST 2016


On Thu, Jun 16, 2016 at 1:04 PM, Dean Coclin <Dean_Coclin at symantec.com>
wrote:
>
> In order to cryptanalysis, the certificate contents themselves would have
> to be revealed. Are you saying that with the full contents of the
> tbsCertificate, it would not be patently obviously that it's Dean Coclin's
> Really Valuable Credit Card Processing Center that needs it?
>
>
>
>  >>I thought about that, but then I said to myself, why would that be
> listed as a separate question? Then again, maybe my certificate is a DV
> that has a domain of “merchant-data-services.us”
>

Do you think it would be relevant to the PKI ecosystem if the domain was
haha-we-found-a-collision-you-cryptonerds-couldnt-find.nsa.gov? If the
requester was the NSA?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20160616/3a36f2cd/attachment.html 


More information about the Public mailing list