A better approach to security

[Christophe Meessen <christophe AT meessen.net>]

Christoph A. a écrit :
> Jan Pieter Cornet wrote:
>   
> > It's rather hard for end-users to detect
> > these certificates (if not impossible)
> >     
>
> SSL Blacklist now detects and warns about certificate chains that use
> the MD5 algorithm for RSA signatures.
>
> http://www.codefromthe70s.org/sslblacklist.asp

If I understood correctly, the problem is the generation of forged 
certificates with the same MD5 as a genuine certificate by exploiting 
MD5 collisions. Setting the CA flag in this forged certificate allows to 
sign other certificates on behalf of the rootCA.

So every certificat signed by its CA with the MD5 hash (or MD2 !!)  is 
suspect.

It should be enough to get rid of the rootCA using MD5, MD2 or worse to 
secure oneself because the chain of certification will be cut at the 
root. Any certificate deriving from those will be flagged as 
unverifiable. Looking at the rootCA certificat details, there is a field 
telling the hash algorithm used for signing. So it should be easy to 
recongnize the one using unsecure hash.

Is that assumption valid ?

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature