http://emperor.tidbits.com/webx/tidbits-talk Users" was timely, but I'm afraid that his closing statement -- "I
expect this particular problem will disappear as a potential threat in
a matter of weeks" -- is rather optimistic.

It is true that, for the certificate authority, the switch from MD5 to
SHA-* should be a relatively simple matter. Alas, that won't make the
problem go away. Browsers don't check with the CA to verify a
certificate, they simply validate each site's certificate against
(ultimately) a root certificate that was included with the browser
when it shipped. Once someone has a forged CA certificate, they can
create any number of bogus site certificates that appear to be validly
signed by a legitimate CA. All current browsers will recognize these
certificates as valid, whether or not the CA switches to a more secure
hash algorithm.

A fix by the CA isn't enough. All current browsers would have to be
patched to warn when encountering a certificate signed by a CA using
MD5. It's more than just IE, Firefox, Safari, Opera, and Konqueror --
all SSL-secured applications (Glenn mentions Quicken, for one example)
would have to be fixed as well.

Most current owners of certificates issued using MD5 CA certs (I'm
among that group) would have to get new certs issued. If they don't,
people will just learn to ignore the browsers' warnings about MD5
certificates.

This issue is likely to be with us for a while. And it makes the DNS
cache-poisoning flaw, which I previously considered a tempest in a
teapot, a much more serious threat.

--Ron
www.risley.net
]]> Fri, 09 Jan 2009 23:01:58 GMT Web Crossing(r) Unix-v6.0 built Oct 8 2008 13:12:02 (source:1163 2008-09-24 11:42:21 -0700)/Macintosh-OSX-10.4-6.0 (http://webcrossing.com/) http://backend.userland.com/rss