SHA1 collisions proven possisble

Randy Bush randy at
Mon Feb 27 09:03:40 UTC 2017

> 1. Create a certificate C[ert] for a single domain you control with hash h(c).
> 2. Create a second certificate A[ttack] marked as a certificate
>    authority such that h(C) = h(A).
> 3. Have a certificate authority sign cert C
> 4. Present the signature for A along with A for whatever nefarious
>    purpose you want.

luckily, step 2 can be done in a minute on a raspberry pi

More information about the NANOG mailing list