[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
SHA1 collisions proven possisble
Once upon a time, valdis.kletnieks at vt.edu <valdis.kletnieks at vt.edu> said:
> There's only 2 certs. You generate 2 certs with the same hash, and *then* get
> the CA to sign one of them.
The point is that the signed cert you get back from the CA will have a
different hash, and the things that they change that cause the hash to
change are outside your control and prediction.
--
Chris Adams <cma at cmadams.net>