[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
SHA1 collisions proven possisble
On Mon, 27 Feb 2017 01:15:28 -0500, "Patrick W. Gilmore" said:
> In the example above, the CA knows the SHA-1 hash of the cert it issued. (We
> are assuming there is a CA which still does SHA-1.) How do you get that CA to
> believe the two OTHER certs with DIFFERENT hashes you have to create so you
> can have two docs with the same hash?
There's only 2 certs. You generate 2 certs with the same hash, and *then* get
the CA to sign one of them.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 484 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20170227/39b80924/attachment.pgp>