On 17/11/16 16:44, Andrew Ayer wrote:
> If CAs really have to keep signing attacker-controlled non-certificate
> data with SHA-1,

Perhaps what we need is a collection of use cases? What do people need to sign which is not a cert?

* OCSP response
* CRL

What else? And what parts of those things could be attacker-controlled? And how can the risk of signature transfer be mitigated?

Gerv

_______________________________________________
Public mailing list
[email protected]
https://cabforum.org/mailman/listinfo/public
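Added example, not part of Gerv's message or anything the CA/Browser Forum published: a small Python model of the "signature transfer" risk the thread is asking about, and of the mitigation that is standard practice for certificates (the signer inserting its own unpredictable bytes ahead of any requester-controlled content, the way Baseline Requirements serial numbers carry CSPRNG entropy). The hash is SHA-1 truncated to 24 bits purely so that a collision is cheap to find; the signing key, the document layouts and the `tail=` counter field are constructed for the example.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Deliberately weak stand-in for a broken hash: SHA-1 truncated to 24 bits, so a
# collision costs a few thousand trials.  That truncation is the only "break" in
# the example; the rest is the ordinary sign-the-digest flow a CA uses.
TOY_DIGEST_BYTES = 3


def toy_hash(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()[:TOY_DIGEST_BYTES]


def sign(key: bytes, to_be_signed: bytes) -> bytes:
    # Stand-in for RSA/ECDSA (constructed: an HMAC over the digest).  The property it
    # keeps is the one that matters: the signature covers the hash, not the data.
    return hmac.new(key, toy_hash(to_be_signed), "sha256").digest()


def verify(key: bytes, to_be_signed: bytes, sig: bytes) -> bool:
    return hmac.compare_digest(sign(key, to_be_signed), sig)


def find_collision(benign_prefix: bytes, evil_prefix: bytes,
                   budget: int = 1 << 18) -> Optional[Tuple[bytes, bytes]]:
    """Birthday search for a benign document and a different evil document that
    share a toy digest.  Each document ends in a counter the requester is free to
    vary, standing in for whatever fields of the signed structure it controls."""
    benign_seen = {}  # digest -> benign document
    evil_seen = {}    # digest -> evil document
    for i in range(budget):
        tail = i.to_bytes(4, "big")
        b, e = benign_prefix + tail, evil_prefix + tail
        hb, he = toy_hash(b), toy_hash(e)
        if hb == he:
            return b, e
        if hb in evil_seen:
            return b, evil_seen[hb]
        if he in benign_seen:
            return benign_seen[he], e
        benign_seen[hb] = b
        evil_seen[he] = e
    return None


def signature_transfers(signer_entropy: Optional[bytes]) -> bool:
    """Simulate one signing request.  Returns True when the signature the signer
    issued over the benign document also verifies over the evil one, i.e. the
    signature has "transferred".  signer_entropy is data the signer itself chooses
    (unpredictable to the requester) and places BEFORE the requester's content."""
    pair = find_collision(
        b"status=good;subject=example.test;serial=1234;tail=",   # constructed
        b"status=good;subject=revoked.test;serial=9999;tail=",   # constructed
    )
    if pair is None:
        raise RuntimeError("no collision found within budget")
    benign, evil = pair
    key = b"constructed-signing-key"
    prefix = signer_entropy if signer_entropy is not None else b""
    sig = sign(key, prefix + benign)          # signer only ever saw the benign document
    return verify(key, prefix + evil, sig)    # does that signature validate the evil one?


def unmitigated_attempt() -> bool:
    # Signer signs exactly what it was handed: the precomputed collision carries over.
    return signature_transfers(None)


def mitigated_attempt() -> bool:
    # Signer prepends 64 bits it chose after the request arrived; the requester could
    # not have searched for a collision that includes them.  (Chance of an accidental
    # 24-bit match is about 6e-8; with a real-width hash it is negligible.)
    return signature_transfers(os.urandom(8))


if __name__ == "__main__":
    print("transfer without signer entropy:", unmitigated_attempt())
    print("transfer with signer entropy:   ", mitigated_attempt())
```

The model makes the two halves of the question concrete: the requester-controlled part of the structure is where a collision is built, and the mitigation only works if the unpredictable bytes are chosen by the signer and placed ahead of that part. Entropy the signer merely echoes back from the request (an OCSP nonce extension, for instance) is requester-controlled and gives no protection.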
