cacert - Re: [CA cert] [Fwd: [PGPNET] SSL Broken?]

Subject: A better approach to security

List archive

Re: [CA cert] [Fwd: [PGPNET] SSL Broken?]

From: Christophe Meessen <christophe AT meessen.net>
To: A better approach to security <cacert AT lists.cacert.org>
Subject: Re: [CA cert] [Fwd: [PGPNET] SSL Broken?]
Date: Sat, 03 Jan 2009 13:58:18 +0100

Hello,

I'm a bit confused by the explanation. Where is MD5 used ? Is it used as hash inside the signature or is it used by the PKI in a validity checking shortcut ?
If it is the former, it would be good to know which CA is using MD5 signatures because this is indeed a big mistake.
If it is the later, it would also be good to know what PKI has this weakness. One needs to know if we are exposed and in what way.

It is regrettable the author uses false claims as the SSL is broken because this is confusing the reader.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Re: [CA cert] [Fwd: [PGPNET] SSL Broken?], Christophe Meessen, 01/03/2009
- Re: [CA cert] [Fwd: [PGPNET] SSL Broken?], Jan Pieter Cornet, 01/03/2009
  - Re: [CA cert] [Fwd: [PGPNET] SSL Broken?], Christophe Meessen, 01/03/2009
    - Re: [CA cert] [Fwd: [PGPNET] SSL Broken?], Jan Pieter Cornet, 01/03/2009
      - Re: [CA cert] [Fwd: [PGPNET] SSL Broken?], Christoph A., 01/04/2009
        
        Re: [CA cert] [Fwd: [PGPNET] SSL Broken?], John W. Moore III, 01/05/2009
        
        Re: [CA cert] [Fwd: [PGPNET] SSL Broken?], Christophe Meessen, 01/05/2009
        
        Re: [CA cert] [Fwd: [PGPNET] SSL Broken?], Alain Knaff, 01/05/2009
        
        Re: [CA cert] SSL Broken?, Bernhard Froehlich, 01/05/2009
        
        Re: [CA cert] SSL Broken?, Alain Knaff, 01/05/2009
        Re: [CA cert] SSL Broken?, Bernhard Froehlich, 01/05/2009

List archive

Re: [CA cert] [Fwd: [PGPNET] SSL Broken?]