On 30/12/08 18:19, Ben Bucksch wrote:
> On 30.12.2008 17:39, Nelson B Bolyard wrote:
>> The upshot of this is probably going to be that, in a short time, all
>> the world's browsers (and PKI software in general) stop supporting MD5
>> for use in digital signatures.
>
> What is MD2? Is that a weaker predecessor of MD5?

Yes, MD stands for Message Digest, and is generally the series that were
created by Ron Rivest. Also see RC4, RC6, where RC stands for Ron's Cipher.

> Yet, when I went through the cert store, I see not only MD5 certs, but
> MD2 certs as well. Partially from VeriSign. How come? Why were they not
> removed? Surely there was plenty of time to renew any cert issued under
> them in the meantime.

I guess they should both be deprecated.

Really, we should be moving to SHA2 at the moment, but there are
problems with a lot of software not supporting it.

If I was Mozilla (!) I would do the following:

  * select a date by which all MD5 certs are to be declared broken
    Software updated after that time blows up when seeing an MD5.
  * select a date soon after by which all SHA1 certs be declared broken
    Software updated after that time will wipe the hard drive when a
    SHA1 is spotted within range...
  * announce this widely!!!

Give SHA1 at least a year, I'd say. MD5 can go ... today?

Lucky I'm not Mozilla :)

iang
PS: this does not apply to top-level roots. The hash/sig on those is
cosmetic. But subroots will also have
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
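
The cert-store check discussed in this thread, as an added example that is not part of the original message or of any Mozilla code: a small DER walker that reads each certificate's signatureAlgorithm OID, flags MD2 and MD5, and reports self-issued certificates separately, since the PS treats a root's own signature as cosmetic. The function names, verdict strings and sample certificates (skeletons with dummy keys and signatures) are assumptions made for the illustration.

```python
WEAK = {"1.2.840.113549.1.1.2": "md2WithRSAEncryption",
        "1.2.840.113549.1.1.4": "md5WithRSAEncryption"}

def read_tlv(buf, pos=0):
    """Return (tag, body, next_pos) for the DER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: the next n bytes hold the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def children(body):
    out, pos = [], 0
    while pos < len(body):
        tag, val, pos = read_tlv(body, pos)
        out.append((tag, val))
    return out

def decode_oid(body):
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:  # high bit clear: last byte of this arc
            arcs, val = arcs + [val], 0
    return ".".join(map(str, arcs))

def audit(der):
    """Return (verdict, algorithm) for one DER-encoded certificate."""
    (_, tbs), (_, sigalg), *_ = children(read_tlv(der)[1])
    oid = decode_oid(children(sigalg)[0][1])
    # tbsCertificate: [0] version (optional), serial, sigalg, issuer, validity, subject
    fields = [f for f in children(tbs) if f[0] != 0xA0]
    issuer, subject = fields[2][1], fields[4][1]
    if oid not in WEAK:
        return "ok", oid
    # Self-issued (issuer == subject) is a heuristic for a root; no signature check.
    return ("weak-root" if issuer == subject else "weak"), WEAK[oid]

def tlv(tag, body):
    n, size = len(body), len(body).to_bytes(4, "big").lstrip(b"\0")
    return bytes([tag]) + (bytes([n]) if n < 0x80 else bytes([0x80 | len(size)]) + size) + body

def sample_cert(alg_arc, issuer, subject):
    """Constructed skeleton: dummy validity, key and signature; alg_arc picks the hash."""
    algid = tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d0101") + bytes([alg_arc])) + tlv(0x05, b""))
    names = [tlv(0x30, tlv(0x0C, cn.encode())) for cn in (issuer, subject)]
    tbs = tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, b"\x01") + algid
              + names[0] + tlv(0x30, b"") + names[1] + tlv(0x30, b""))
    return tlv(0x30, tbs + algid + tlv(0x03, b"\x00" + bytes(128)))
```

`audit` accepts any DER-encoded X.509 certificate; PEM input has to be base64-decoded first.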