SHA1 collisions proven possisble

Chris Adams cma at
Mon Feb 27 14:18:35 UTC 2017

Once upon a time, valdis.kletnieks at <valdis.kletnieks at> said:
> There's only 2 certs.  You generate 2 certs with the same hash, and *then* get
> the CA to sign one of them.

The point is that the signed cert you get back from the CA will have a
different hash, and the things that they change that cause the hash to
change are outside your control and prediction.

Chris Adams <cma at>

More information about the NANOG mailing list