[openssl-users] Rejecting SHA-1 certificates
kudzu at tenebras.com
Mon Jul 10 19:07:42 UTC 2017
On Mon, Jul 10, 2017 at 10:22 AM, Viktor Dukhovni <
openssl-users at dukhovni.org> wrote:
> > On Jul 10, 2017, at 1:12 PM, Niklas Keller <me at kelunik.com> wrote:
> > It's very well worth the effort, otherwise there's a security issue,
> because certificates can be forged.
> Collision attacks don't directly lead to certificate forgery. There are
> no known 2nd-preimage attacks on SHA-1.
I'm pretty sure, but are you saying you would rather wait for a
demonstration of the weakness being turned into a practical attack?
Second pre-image attacks against reduced SHA-1 have been demonstrated. It's
only a matter of time before second pre-image resistance for full SHA-1 is
dead and buried.
"Well," Brahma said, "even after ten thousand explanations, a fool is no
wiser, but an intelligent person requires only two thousand five hundred."
- The Mahābhārata
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users