
cacert-devel - Security Issue https://bugs.cacert.org/view.php?id=1473

Subject: CAcert Code Development list.

  • From: Bernhard Fröhlich <bernhard AT cacert.org>
  • To: CAcert-devel <cacert-devel AT lists.cacert.org>
  • Cc: Sascha Ternes <sat AT cacert.org>
  • Subject: Security Issue https://bugs.cacert.org/view.php?id=1473
  • Date: Mon, 6 Jan 2020 13:04:44 +0100

Hi fellows,

the basic problem with SHA-1 has already been known for some time, but now in https://bugs.cacert.org/view.php?id=1473 there is a report about a feasible collision attack costing only several 10k US-$ per signature.

As also reported in this issue, we still use SHA-1 for PGP/GPG key signatures, and though this specific attack won't work for CAcert keys the current situation IMHO is not acceptable for much longer anymore.

Now it has been quite some time since I worked with GPG, so can anyone make some proposal about how to proceed? Specifically I have the following questions:

  • Which version is needed to use a more current signature algorithm?
  • Which version do we have installed on the signer server? (I can probably find this out myself, but it will be some work...)
  • What would be the changes needed? Is a different command line needed or would a new version automatically use a new algorithm?


An alternative to fixing the problem would also be to disable GPG signing, temporarily or forever. This would be a "political" decision made by board or policy group, but they'll need some "technical opinions" to discuss.

As far as I am concerned, GPG signing is not very useful for me. And some chatter seems to imply that at least key servers and "large scale key signing" are being deprecated more and more. So are there any other opinions?

Kind regards
Ted

