Le mardi 19 juillet 2016 22:05:13 UTC+2, Andrew Whalley a écrit : > Greetings, > > I have run the tool provided by dr.ir. Marc Stevens [1] on the > tbsCertificates provided by Symantec [2] > > And see no evidence of collisions: > > $ ./sha1dcsum_partialcoll *.tbs > 6ead26663275c388662dfdbc23ff0a76cdcf74dc ssl1.tsysacquiring.net.1.tbs > 3365793f36c197047b2f595c0f85c67b807c765f ssl1.tsysacquiring.net.2.tbs > 3c47155a5d9880a6893925e1c4479f914b3b9ffe ssl1.vitalps.net.1.tbs > d130d1a8c51bce7323ba984b2f6298d0750405f4 ssl1.vitalps.net.2.tbs > c9eb52c30bfaaaba5a1e060723e3c9e4b25f7b1e ssl2.vitalps.net.1.tbs > 3698794f1cabc3036380cc2adbc2805393098c45 ssl2.vitalps.net.2.tbs > e7233e69a89b6b7568f790482b73f635d2464a95 ssl3.vitalps.net.1.tbs > 9c7bbae0fc9b08c5304908bd956c5b4b37c4e1c7 ssl3.vitalps.net.2.tbs > > I'd be interested to know if anybody else replicates this.
For whatever the result means, I do replicate it, using the trunk version. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy