On Fri, Sep 13, 2013 at 11:31:38PM +0200, Paul Wise wrote:
> On Fri, Sep 13, 2013 at 10:51 PM, Kurt Roeckx wrote:
>
> > A self-signed cert's signature algorithm really isn't that
> > important. You either trust that cert or you don't.
>
> Surely this work would apply to self-signed certs too?
>
> http://www.win.tue.nl/hashclash/rogue-ca/

Please note that there are 2 signatures involved here. One is the root CA signing itself. The other is root CA signing another certificate, which might be another CA.

Like I said, for the self-signature it's not important. You import the public key that is part of the cert and say that you trust that. There is no need for it to sign itself other than that X509 requires a signature.

If you for instance compare this to SSH, you only transfer the public key of either the user or the server. It's never signed.

But the CA shouldn't use md5 to sign someone else's cert.

Kurt
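
The distinction drawn in the message above, as an added example that is not part of the original thread: a small audit that reads a certificate's outer signature algorithm and flags MD5 only when the issuer differs from the subject. Assumptions: issuer == subject stands in for "self-signed" (the signature is not verified), only md5WithRSAEncryption is checked, the inputs are constructed DER skeletons rather than real certificates, and the helper names `audit`, `name` and `make_cert` are hypothetical.

```python
# Added example: flag MD5 only where a CA signs someone else's certificate.
# Assumption: issuer == subject stands in for "self-signed"; the signature
# itself is not verified. Inputs are constructed DER skeletons, not real certs.
MD5_RSA = bytes.fromhex("2a864886f70d010104")     # md5WithRSAEncryption
SHA256_RSA = bytes.fromhex("2a864886f70d01010b")  # sha256WithRSAEncryption

def tlv(tag, body):
    """Encode one DER tag-length-value (short and long length forms)."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    ln = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(ln)]) + ln + body

def children(buf):
    """Split DER content into a list of (tag, body, raw_encoding)."""
    out, i = [], 0
    while i < len(buf):
        tag, n, j = buf[i], buf[i + 1], i + 2
        if n & 0x80:  # long form: low bits give the number of length bytes
            k = n & 0x7F
            n, j = int.from_bytes(buf[j:j + k], "big"), j + k
        out.append((tag, buf[j:j + n], buf[i:j + n]))
        i = j + n
    return out

def audit(cert_der):
    """Return 'ok', 'reject' or 'ignore-self-signature' for one certificate."""
    tbs, sig_alg, _sig = children(children(cert_der)[0][1])
    fields = children(tbs[1])
    if fields[0][0] == 0xA0:  # drop the optional explicit [0] version
        fields = fields[1:]
    issuer, subject = fields[2][2], fields[4][2]  # raw Name encodings
    oid = children(sig_alg[1])[0][1]
    if oid != MD5_RSA:
        return "ok"
    return "ignore-self-signature" if issuer == subject else "reject"

def name(cn):
    """Hypothetical helper: a Name holding a single commonName."""
    atv = tlv(0x30, tlv(0x06, b"\x55\x04\x03") + tlv(0x0C, cn))
    return tlv(0x30, tlv(0x31, atv))

def make_cert(issuer, subject, oid):
    """Hypothetical helper: certificate skeleton with an empty key and signature."""
    alg = tlv(0x30, tlv(0x06, oid) + tlv(0x05, b""))
    tbs = tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, b"\x01") + alg
              + name(issuer) + tlv(0x30, b"") + name(subject) + tlv(0x30, b""))
    return tlv(0x30, tbs + alg + tlv(0x03, b"\x00"))
```

The "ignore-self-signature" verdict is only meaningful for a certificate that is already installed as a trust anchor; a self-issued certificate that is not in the trust store is untrusted whatever it is signed with.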