On 30.12.2008 17:49, Chris Hills wrote:
On 30/12/08 17:47, Nelson B Bolyard wrote:
I meant to add: The paper with the real facts is seen at
http://www.win.tue.nl/hashclash/rogue-ca/
In the meantime, could a list of the affected CA's be made available
so that we may remove the trust bits from our own certificate stores?
FWIW, you can check it yourself (it's a bit laborious, due to the many
root certs, which is part of the problem):
Firefox/Thunderbird Preferences | Advanced | Certificates | View
Certificates | Authorities | select the cert | doubleclick or View... |
Details | Certificate Signature Algorithm
To remove one, you can either Edit... (back on cert list dialog) and
uncheck all trust, or Delete... it (which has the same effect: it comes
back when you re-enter the dialog, but then with all trust unchecked).
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
