Twitter | Pretraživanje | |
Andrew Ayer 7. sij
You calculate a SHA-1 chosen prefix and you choose to attack the PGP Web-of-Trust!? Come on, forge an OCSP response from a publicly-trusted CA instead!
Reply Retweet Označi sa "sviđa mi se"
Andrew Ayer 7. sij
Odgovor korisniku/ci @__agwa
I haven't scanned OCSP responders in a while, but I'm sure there are still CAs signing OCSP responses with SHA-1, because it was never forbidden, and CAs will keep doing something dangerous as long as it's not forbidden.
Reply Retweet Označi sa "sviđa mi se"
Andrew Ayer
Hopefully the SHA-1 OCSP responses are all signed from a sub-CA technically constrained to OCSP (as required by Mozilla policy) so it can't be used to forge an actual certificate.
Reply Retweet Označi sa "sviđa mi se" More
Tomas Hidalgo 7. sij
Odgovor korisniku/ci @__agwa
Hi Andrew, I understood that the Ocsp answer must be issued from the same sub-ca that issues the final certificate... Is your sentence 100% correct? Thanks!
Reply Retweet Označi sa "sviđa mi se"
Andrew Ayer 7. sij
Odgovor korisniku/ci @tommy_hs
Yes, I'm correct. See Section 2.6 of RFC6960.
Reply Retweet Označi sa "sviđa mi se"