On 2009-01-07 at 08:06 -0500, Cat Okita wrote:
> This one's going to be messy -- check your code, check your certs...
>
> http://openssl.org/news/secadv_20090107.txt

On a related note, have people seen the recent demonstration that the flaws in MD5 can be used for practical attacks against the Internet PKI, such that a rogue Certificate Authority trusted by all common browsers can be created, thus undermining all checks on identity?

The new hole above looks as though it's useful for a direct man-in-the-middle, but for as long as you accept certificates where a path in the trust chain uses MD5 signatures you're also up a dark creek without a paddle. Expecting users to start checking the hash algorithms for bank sites, etc, is a definite non-starter. Until the NIST competition yields a new standard hash algorithm it looks as though we're using the less-broken SHA1 for certs.

http://www.win.tue.nl/hashclash/rogue-ca/

So if you're going through your certs anyway, it's probably worth checking your internal Certificate Authority cert and making sure you're not using MD5 and re-issuing certs as needed so that you're ahead of the game when browsers stop supporting MD5-based certs -- hopefully this year.

-Phil
_______________________________________________
Tech mailing list
[email protected]
http://lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
