On 06/22/2009 11:23 PM, Kyle Hamilton:
We've already had discussion why MD5 on the root isn't worrisome or bothersome. I'm assuming that there are no attributes of the certificate which contains the trust anchor which are actually checked, and that the trust-bits are effectively set on the key included in the certificate itself?
I don't think those keys can be broken in such a way that sub ordinate certificates may be issued by an attacker....but is there an estimate if and when this would be possible?
-- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: start...@startcom.org Blog: https://blog.startcom.org -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
