SHA1 collisions proven possisble
cma at cmadams.net
Mon Feb 27 14:18:35 UTC 2017
Once upon a time, valdis.kletnieks at vt.edu <valdis.kletnieks at vt.edu> said:
> There's only 2 certs. You generate 2 certs with the same hash, and *then* get
> the CA to sign one of them.
The point is that the signed cert you get back from the CA will have a
different hash, and the things that they change that cause the hash to
change are outside your control and prediction.
Chris Adams <cma at cmadams.net>
More information about the NANOG