[cabfpub] SHA-1 Collision Found

Ryan Sleevi sleevi at google.com
Thu Feb 23 20:49:51 UTC 2017


https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html
and https://shattered.it

This is consistent with many timelines previously shared and estimated
cost. However, please do consider reading the paper - the estimated cost
ended up being what it was in large part due to the heavy CPU usage for
the first phase, compared to the more computationally complex second phase
which was optimized for GPUs. Had the first phase been similarly optimized
for GPUs, both the time and the cost could have dramatically decreased.
With the release of the code in 90 days, it's reasonable to expect such
optimizations both in public and private.

I note that SHA-1 deprecation did not come about because of the CA/Browser
Forum taking a concentrated effort to improve security; it came about
because a Browser member - Microsoft - was willing to make the difficult
decision of taking unilateral action in the absence of Forum consensus.
While Ballot 118 only had the recorded objection of SECOM Systems, it's
very easy to find the discussions leading up to such a vote in which,
because Microsoft had already required it, it was seen as a foregone
inevitability.

Ballot 118 - ratified 16 October 2014 - took nearly a year to normalize
what a root program was already requiring, as of 12 November 2013 -
https://technet.microsoft.com/en-us/library/security/2880823.aspx

It is quite unfortunate that the Forum followed, rather than led, with the
Baseline Requirements, and though this has long been the trend in the
Forum, I do hope CA members collectively reevaluate the duty to care for
Internet security, even when it makes things difficult for them. Hopefully,
by doing so, we can better use the Forum to bring up actionable, concrete
concerns with Browsers' proposed timelines, ideally agreeing to codify them
in the Baseline Requirements. We can only achieve that goal if CAs commit
to sharing meaningful, actionable, concrete feedback, rather than anecdata
and questionable surveys, so that Browsers can make informed and considered
decisions on balancing the tradeoffs between site operators, CAs, and the
billions of relying parties.