At 6:51 PM +0100 1/8/09, Jan Schejbal wrote:

>As the MD5 algorithm is obviously not secure anymore,

This statement is not based on reality, so the rest of the message does not follow. MD5 is not secure for applications that blindly sign inputs from non-trusted parties that can predict the content of the part of the message before the submitted text. This is an attack on the collision-resistance of the function. There have been no published practical attacks on the preimage-resistance of MD5.

>MD5 signature support should be removed as soon as reasonably possible.

...and it goes downhill from there...

_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
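The precondition the reply singles out (a signer that blindly signs untrusted input behind a prefix the requester can predict) is a property the signer controls. The following Python is an added example, not code from this thread: HMAC-SHA256 stands in for the signature primitive, the issuer name and message layout are constructed, and it checks whether a requester can predict the signed prefix when the signer uses a sequential serial versus unpredictable bytes before the submitted text.

```python
import hashlib
import hmac
import secrets
import struct

# Constructed signer key; HMAC-SHA256 stands in for the CA's real signature
# primitive (assumption: only the layout of the signed message matters here).
SIGNER_KEY = b"constructed-signer-key"

def sign(to_be_signed: bytes) -> bytes:
    return hmac.new(SIGNER_KEY, to_be_signed, hashlib.sha256).digest()

def verify(to_be_signed: bytes, signature: bytes) -> bool:
    return hmac.compare_digest(sign(to_be_signed), signature)

class PredictableSigner:
    """Blindly signs submitted data behind a sequential serial: every byte
    before the submitted text is known to the requester in advance."""
    def __init__(self, issuer: bytes):
        self.issuer, self.serial = issuer, 0

    def issue(self, submitted: bytes) -> tuple:
        self.serial += 1
        tbs = self.issuer + struct.pack(">I", self.serial) + submitted
        return tbs, sign(tbs)

class RandomizedSigner(PredictableSigner):
    """Same blind signing, but 16 unpredictable bytes precede the submitted
    text, so the requester cannot know the prefix before it is signed."""
    def issue(self, submitted: bytes) -> tuple:
        tbs = self.issuer + secrets.token_bytes(16) + submitted
        return tbs, sign(tbs)

def prefix_is_predictable(signer, probe: bytes, target: bytes) -> bool:
    """Requester-side model: get one signature on `probe`, read back the field
    between issuer and submitted text, guess the next field as 'previous + 1',
    and compare with what is actually signed for `target`."""
    tbs_probe, sig = signer.issue(probe)
    assert verify(tbs_probe, sig)  # the signature itself is fine either way
    field = tbs_probe[len(signer.issuer):len(tbs_probe) - len(probe)]
    nxt = (int.from_bytes(field, "big") + 1) % (1 << (8 * len(field)))
    guess = signer.issuer + nxt.to_bytes(len(field), "big")
    tbs_target, _ = signer.issue(target)
    return tbs_target.startswith(guess)

if __name__ == "__main__":
    for cls in (PredictableSigner, RandomizedSigner):
        print(cls.__name__, prefix_is_predictable(cls(b"Example CA"), b"probe", b"CN=victim"))
```

Only the first signer satisfies the predictable-prefix condition the reply describes; the second leaves the collision-resistance question unchanged but removes the requester's ability to know what precedes its own input.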