My two cents: Trust anchors don't particularly need to have their hashes secure, because they're obtained through a process other than comparing their hash to an encrypted copy of the hash. It's certificates which are NOT trust anchors which are subject to the problem.
-Kyle H

On Tue, Dec 30, 2008 at 1:38 PM, Ian G <i...@iang.org> wrote:
> On 30/12/08 22:16, Nelson B Bolyard wrote:
>>
>> Paul Hoffman wrote, On 2008-12-30 12:43:
>
>> Well, of course, it's not the signature on the root CA cert itself that
>> matters. It's the signature algorithm used on the certs issued by the
>> root. And the issuer is always free to change that whenever they wish.
>> (Maybe they would have to change their CP/CPS if they did that.) No
>> change to the trust anchor itself is required.
>
>
> That is as I understood (and I was surprised at Paul's comment, it seems
> backwards?)
>
>
>
> Either way, is there any difficulty with announcing today that NSS is going
> to deprecate MD5 and earlier algorithms, totally, for all purposes,
> including Firefox and Thunderbird.
>
> (Leave off the date as to when the rejection will take effect.)
>
> The point is not when NSS does it, or when Firefox does it, but when all the
> CAs stop issuing them, and replace them. The more noise we make now, the
> earlier they are likely to act.
>
> (figure out a date later...)
>
> I propose it be announced today if not sooner !
>
> Votes, disagreements?
>
>
>
> iang
> _______________________________________________
> dev-tech-crypto mailing list
> dev-tech-crypto@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-tech-crypto
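
The distinction drawn in this thread, as an added example (not NSS code and not from any poster): a chain check that reads each certificate's outer signatureAlgorithm OID and flags MD5 or earlier only on certificates that are not the trust anchor. It assumes the chain is ordered leaf first with the locally trusted anchor last; `skeleton_cert` and `SAMPLE_CHAIN` are constructed DER skeletons, not real certificates.

```python
# Added example. The OIDs are the standard PKCS#1 signature algorithm OIDs.
WEAK_SIG_OIDS = {
    bytes.fromhex("2a864886f70d010102"): "md2WithRSAEncryption",
    bytes.fromhex("2a864886f70d010104"): "md5WithRSAEncryption",
}
MD5_RSA = bytes.fromhex("2a864886f70d010104")
SHA256_RSA = bytes.fromhex("2a864886f70d01010b")

def read_tlv(buf, pos):
    """Return (tag, content, next_pos) for the DER element at buf[pos]."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                       # long form: low 7 bits count the length bytes
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("bad DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER content")
    return tag, buf[pos:pos + length], pos + length

def signature_oid(cert_der):
    """OID bytes of the outer signatureAlgorithm of a DER Certificate."""
    tag, cert, _ = read_tlv(cert_der, 0)    # Certificate ::= SEQUENCE
    if tag != 0x30:
        raise ValueError("certificate is not a SEQUENCE")
    _, _, pos = read_tlv(cert, 0)           # skip tbsCertificate
    alg_tag, alg, _ = read_tlv(cert, pos)   # signatureAlgorithm
    oid_tag, oid, _ = read_tlv(alg, 0)
    if alg_tag != 0x30 or oid_tag != 0x06:
        raise ValueError("unexpected signatureAlgorithm encoding")
    return oid

def weak_issued_certs(chain):
    """chain: leaf first, trust anchor last (assumed). The anchor is skipped:
    it is trusted by possession, not by verifying its signature."""
    oids = [signature_oid(der) for der in chain[:-1]]
    return [(i, WEAK_SIG_OIDS[o]) for i, o in enumerate(oids) if o in WEAK_SIG_OIDS]

def skeleton_cert(sig_oid):
    """Constructed sample: empty tbsCertificate, real AlgorithmIdentifier, dummy signature."""
    tlv = lambda tag, body: bytes([tag, len(body)]) + body   # short-form lengths only
    alg = tlv(0x30, tlv(0x06, sig_oid) + b"\x05\x00")
    return tlv(0x30, tlv(0x30, b"") + alg + tlv(0x03, b"\x00"))

# Constructed chain: SHA-256 leaf, MD5-signed intermediate, MD5 self-signed anchor.
SAMPLE_CHAIN = [skeleton_cert(SHA256_RSA), skeleton_cert(MD5_RSA), skeleton_cert(MD5_RSA)]
```
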