On Wed, Aug 17, 2016 at 09:55:24AM -0700, Ryan Sleevi wrote:
> > I don't think adding that CA certificate to OneCRL is enough, that would
> > only protect Mozilla users. They should revoke all the relevant
> > certificates.
>
> Define "relevant"? If a SHA-1 collision has been mounted, Hongkong Post
> revoking those SHA-1 certs does nothing, because the attacker can manipulate
> the serial number of the colliding certs. The only level at which any
> meaningful action can be taken is at the "1 - 10" CA layer - revoking that
> intermediate, such as by OneCRL and by Hongkong Post's CRL. The rest would
> just be for show, not security.

It's my understanding that the attack depends on the serial being predictable, since it's at the start of the certificate. But I guess they might not need the whole serial to match, I have no idea at which point it starts to get more practical to attack.

Kurt

_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
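
Added example, not part of the original message: a Python sketch that locates serialNumber in a DER-encoded TBSCertificate (it follows only the optional version field, ahead of issuer and subject) and flags a batch whose serials simply increment. The certificate prefix built by `sample_tbs`, the serial values, and the helper names are constructed for illustration.

```python
# Added example. Sample data is constructed; only short-form DER lengths
# (< 128 bytes) are handled.

def tlv(tag, content):
    """Encode one DER element with a short-form length."""
    assert len(content) < 0x80
    return bytes([tag, len(content)]) + content

def read_tlv(buf, off):
    """Return (tag, value_start, value_end) of the element at offset off."""
    tag, length = buf[off], buf[off + 1]
    if length >= 0x80:
        raise ValueError("long-form length not handled in this example")
    start = off + 2
    if start + length > len(buf):
        raise ValueError("truncated element")
    return tag, start, start + length

def serial_field(tbs):
    """Locate serialNumber: returns (offset, length, value)."""
    tag, pos, _ = read_tlv(tbs, 0)            # outer TBSCertificate SEQUENCE
    if tag != 0x30:
        raise ValueError("not a SEQUENCE")
    tag, start, end = read_tlv(tbs, pos)
    if tag == 0xA0:                           # optional [0] EXPLICIT version
        tag, start, end = read_tlv(tbs, end)
    if tag != 0x02:
        raise ValueError("expected INTEGER serialNumber")
    return start, end - start, int.from_bytes(tbs[start:end], "big")

def is_sequential(serials):
    """True when every serial is the previous one plus 1 (fully predictable)."""
    return len(serials) > 1 and all(b - a == 1 for a, b in zip(serials, serials[1:]))

def sample_tbs(serial):
    """Constructed TBSCertificate prefix: version, serial, sigAlg, issuer."""
    version = tlv(0xA0, tlv(0x02, b"\x02"))   # v3
    # AlgorithmIdentifier: sha1WithRSAEncryption (1.2.840.113549.1.1.5), NULL
    sig_alg = tlv(0x30, bytes.fromhex("06092a864886f70d0101050500"))
    cn = tlv(0x30, bytes.fromhex("0603550403") + tlv(0x13, b"Example CA"))
    issuer = tlv(0x30, tlv(0x31, cn))
    serial_der = tlv(0x02, serial.to_bytes(4, "big"))
    return tlv(0x30, version + serial_der + sig_alg + issuer)

if __name__ == "__main__":
    batch = [sample_tbs(s) for s in (0x10000001, 0x10000002, 0x10000003)]
    fields = [serial_field(t) for t in batch]
    print("serial offset/length:", fields[0][:2])
    print("sequential serials:", is_sequential([f[2] for f in fields]))
```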