 amungus Premium join:2004-11-26 America clubs:
| reply to TKJunkMail Re: SSL security flaw with MD5 certificates announces today
When looking at the details for "Certificate Signature Algorithm" for gmail, I see:
"PKCS #1 SHA-1 With RSA Encryption"
The "general" tab simply shows both SHA-1 and MD5 fingerprints.
Does this mean that it's still vulnerable, even if both hashes are present? Does that not matter since MD5 is there at all???
If these are still vulnerable, what a headache it will be to update all kinds of certificates. |
|
  TKJunkMail Enjoy the sun Premium join:2002-03-03 Avalon, NJ
| said by amungus :
When looking at the details for "Certificate Signature Algorithm" for gmail, I see:
"PKCS #1 SHA-1 With RSA Encryption"
The "general" tab simply shows both SHA-1 and MD5 fingerprints.
Does this mean that it's still vulnerable, even if both hashes are present? Does that not matter since MD5 is there at all???
If these are still vulnerable, what a headache it will be to update all kinds of certificates.
According to the news item MD5 & SHA1 have the same vulnerability exposure.
-- Ask yourself one question: 'Do I feel lucky?' Well, do ya punk? |
|
  Sir Meowmix III
| said by TKJunkMail :
According to the news item MD5 & SHA1 have the same vulnerability exposure.
I do not see this to be the case in my reading. I show that only those signed with MD5 are vulnerable, not those with SHA-1. Even Microsoft seems to indicate this as well, although they're certainly not an authoritative source in security.
quote: Microsoft is not aware of any active attacks using this issue and is actively working with certificate authorities to ensure they are aware of this new research and is encouraging them to migrate to the newer SHA-1 signing algorithm.
|
|
 amungus Premium join:2004-11-26 America clubs:
| That's how I read it too... which is why I still think the question has some merit.
Barring SHA-1 only hashes, what's the story if you see both??? Is it still (more) secure when both are present, or is it completely irrelevant if one is breakable?
As for the browser idea... that's not a bad thought, but I don't think it'd work as smoothly - it's also incumbent on the user to patch their browser. Would be a more "certain" solution if the server certs themselves were guaranteed to be not using MD5.
Once that's done, the browser wouldn't care. There simply wouldn't be any MD5 hash present to begin with, which would then eliminate the chance of having an insecure hash being present... |
|
  nwrickert sand groper Premium,MVM join:2004-09-04 Geneva, IL
| reply to amungus
said by amungus :
The "general" tab simply shows both SHA-1 and MD5 fingerprints.
Does this mean that it's still vulnerable, even if both hashes are present? Does that not matter since MD5 is there at all???
One should distinguish between the fingerprint and the hash used in the signature. Only one hash is used in the digital signature. Any hash of choice could later be used as a fingerprint.
-- AT&T dsl; Westell 327w modem/router; openSuSE 11.0; firefox 3.0.5 |
|
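The distinction drawn in the reply above, as an added example that is not part of the thread: the signature algorithm is a field stored inside the certificate, while the MD5 and SHA-1 fingerprints are digests the viewer computes over the encoded certificate, whatever it was signed with. The helper names and the `constructed_cert` skeleton are assumptions made for illustration; the skeleton has the Certificate layout but is not a real, verifiable certificate.

```python
import hashlib

# PKCS #1 signature-algorithm OIDs as DER content bytes
MD5_RSA = bytes.fromhex("2a864886f70d010104")    # 1.2.840.113549.1.1.4
SHA1_RSA = bytes.fromhex("2a864886f70d010105")   # 1.2.840.113549.1.1.5
SIG_ALGS = {MD5_RSA: "md5WithRSAEncryption", SHA1_RSA: "sha1WithRSAEncryption"}

def read_tlv(buf, pos):
    """Parse one DER element at pos; return (tag, value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                        # long form: next n bytes hold the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def signature_algorithm(der):
    """Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }"""
    _, body, _ = read_tlv(der, 0)            # outer Certificate SEQUENCE
    _, _, tbs_end = read_tlv(der, body)      # step over tbsCertificate
    _, alg, _ = read_tlv(der, tbs_end)       # AlgorithmIdentifier SEQUENCE
    tag, start, end = read_tlv(der, alg)     # its first member is the OID
    if tag != 0x06:
        raise ValueError("expected OBJECT IDENTIFIER")
    oid = der[start:end]
    return SIG_ALGS.get(oid, "unknown OID " + oid.hex())

def fingerprints(der):
    """What the viewer's 'general' tab shows: digests computed over the whole DER."""
    return {"md5": hashlib.md5(der).hexdigest(), "sha1": hashlib.sha1(der).hexdigest()}

def tlv(tag, body):
    return bytes([tag, len(body)]) + body    # short-form length only (< 128 bytes)

def constructed_cert(sig_oid):
    """Constructed skeleton with the Certificate layout; not a real certificate."""
    alg = tlv(0x30, tlv(0x06, sig_oid) + tlv(0x05, b""))
    tbs = tlv(0x30, tlv(0x02, b"\x01") + alg)   # serial number + inner signature field
    return tlv(0x30, tbs + alg + tlv(0x03, b"\x00" + b"\xaa" * 16))

if __name__ == "__main__":
    for oid in (MD5_RSA, SHA1_RSA):
        der = constructed_cert(oid)
        print(signature_algorithm(der), fingerprints(der))
```

Both sample certificates yield an MD5 and a SHA-1 fingerprint; only the signature algorithm field differs between them.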
 amungus Premium join:2004-11-26 America clubs:
| Thanks for the clarification on that 
In short, TK's screenshot is what I was originally looking at - hence confusion...
Here's a screenshot of what the quotes I referenced are talking about - how to see what algorithm is being used on the signature. |
|