On 01/22/2009 03:56 PM, Ian G:
>> LOL, this isn't a theoretical weakness, you can download all compromised
>> keys by yourself. They are widely published.
>
> It's a theoretical weakness until you see evidence of damages.

Ian, I'm somewhat tired of arguing about this... but here is my take on this:
Suppose you own a car which has the flaw that once in a while the
engine explodes in a huge fireball. Now the vendor of the car knows
about it and recalls all cars for a fix. Otherwise the car vendor would
be liable for any damage their cars may do - especially since he is aware
of the flaw. The public knows about the potential flaw by now already,
and the owners of the car may have heard about it too. Failing to recall
the cars and offering a fix might have consequences.
Now compare this example to that of the weak keys. And here comes Ian
and says, it's only a theoretical weakness until your car explodes and
you've seen the evidence of damages. Well, boy, go ahead, drive your car
(or weak keys) and thankfully you aren't running a CA.
So in your eyes there would be no reason to disallow MD5 hashes either
since no evidence of damage exists, right? The software vendors apparently
think differently about it and thankfully you aren't a browser vendor
either...
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Jabber: start...@startcom.org
Blog: https://blog.startcom.org
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto