nanog mailing list archives

Re: SHA1 collisions proven possisble

From: valdis.kletnieks () vt edu
Date: Mon, 27 Feb 2017 04:14:38 -0500

On Mon, 27 Feb 2017 01:15:28 -0500, "Patrick W. Gilmore" said:

In the example above, the CA knows the SHA-1 hash of the cert it issued. (We
are assuming there is a CA which still does SHA-1.) How do you get that CA to
believe the two OTHER certs with DIFFERENT hashes you have to create so you
can have two docs with the same hash?


There's only 2 certs.  You generate 2 certs with the same hash, and *then* get
the CA to sign one of them.

Attachment: _bin
Description:

Current thread:

Re: SHA1 collisions proven possisble, (continued)
- - - Re: SHA1 collisions proven possisble Nick Hilliard (Feb 26)
    - Re: SHA1 collisions proven possisble Brett Frankenberger (Feb 26)
    - Re: SHA1 collisions proven possisble Matt Palmer (Feb 26)
    - RE: SHA1 collisions proven possisble Keith Medcalf (Feb 26)
    - RE: SHA1 collisions proven possisble Jon Lewis (Feb 27)
    - Re: SHA1 collisions proven possisble valdis . kletnieks (Feb 27)
    - Re: SHA1 collisions proven possisble Patrick W. Gilmore (Feb 26)
    - Re: SHA1 collisions proven possisble Eitan Adler (Feb 26)
    - Re: SHA1 collisions proven possisble Randy Bush (Feb 27)
    - Re: SHA1 collisions proven possisble Matt Palmer (Feb 26)
    - Re: SHA1 collisions proven possisble valdis . kletnieks (Feb 27)
    - Re: SHA1 collisions proven possisble Chris Adams (Feb 27)
  - Re: SHA1 collisions proven possisble Tei (Feb 24)