On 9/1/09 18:02, Paul Hoffman wrote:
At 11:41 PM +0100 1/8/09, Jan Schejbal wrote:
With that definition, SHA-1 is also not secure: its collision resistance has be
reduced from 2^80 to 2^60ish by similar attacks as for MD5.
Yes, the writing is on the wall for SHA-1 as well, and has been since
2005 or so.
Are you saying that we have to deactivate signature validation for certs signed
with SHA-1 as well?
In the same announcement, I would send a warning shot:
SHA1 will face the same fate within the next year or two.
We don't know when, but we are also moving to phase out
SHA1, and in future releases SHA1 certs may be rejected.
No date set as yet, but be warned!
iang
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
