Security team successfully cracks SSL using 200 PS3's and MD5
Florian Weimer
fw at deneb.enyo.de
Fri Jan 2 22:37:56 UTC 2009
* Joe Greco:
> It seems that part of the proposed solution is to get people to move from
> MD5-signed to SHA1-signed. There will be a certain amount of resistance.
> What I was suggesting was the use of the revocation mechanism as part of
> the "stick" (think carrot-and-stick) in a campaign to replace MD5-based
> certs. If there is a credible threat to MD5-signed certs, then forcing
> their retirement would seem to be a reasonable reaction, but everyone here
> knows how successful "voluntary" conversion strategies typically are.
A CA statement that they won't issue MD5-signed certificates in the
future should be sufficient. There's no need to reissue old
certificates, unless the CA thinks other customers have attacked it.
> Either we take the potential for transparent MitM attacks seriously, or
> we do not. I'm sure the NSA would prefer "not." :-)
I doubt the NSA is interested in MITM attacks which can be spotted by
comparing key material. 8-)
More information about the NANOG
mailing list