[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [saag] Another bad day at the hash function factory

To: Jean-Marc Desperrier <jmdesp@xxxxxxx>
Subject: Re: [saag] Another bad day at the hash function factory
From: Eric Rescorla <ekr@xxxxxxxx>
Date: Fri, 04 Mar 2005 06:57:39 -0800
Cc: ietf-pkix@xxxxxxx
In-reply-to: <42281392.4080006@xxxxxxx> (Jean-Marc Desperrier's message of "Fri, 04 Mar 2005 08:51:46 +0100")
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
References: <20050302205815.GL1938@feynman> <b27ed2d6425ab92655dc9c9df3e0d97e@xxxxxxxxxxxxxxxx> <6.2.0.14.2.20050302165007.0888c820@xxxxxxxxxxxxxxxx> <cfcc3ff8ffef51156958d5734a060853@xxxxxxxxxxxxxxxx> <c7a42c97daca97a67d520a1214c53368@xxxxxxxxxxxxx> <86vf883j0m.fsf@xxxxxxxxxxxxxx> <42278031.3090902@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <42281392.4080006@xxxxxxx>
Reply-to: EKR <ekr@xxxxxxxx>
Sender: owner-ietf-pkix@xxxxxxxxxxxx
User-agent: Gnus/5.1002 (Gnus v5.10.2) XEmacs/21.4 (Security Through Obscurity, berkeley-unix)

Jean-Marc Desperrier <jmdesp@xxxxxxx> writes:

> Dr Stephen Henson wrote:
>
>> Eric Rescorla wrote:
>>
>>> We have available:
>>>
>>> * A certificate containing key A (retained by the CA)
>>> * A certificate containing key B (retained by the relying party)
>>
> As I said initially I think it may happen, thought not very likely,
> that the relying party think it's safe enough to keep only the
> identification of the certificat for key B, and not the whole
> certificate.
>
> In that case, it would very sensible to the attack.

Well, we know now that people ought not to do that.

-Ekr

References:
- Re: [saag] Another bad day at the hash function factory
  - From: Eric Norman
- Re: [saag] Another bad day at the hash function factory
  - From: Eric Rescorla
- Re: [saag] Another bad day at the hash function factory
  - From: Dr Stephen Henson
- Re: [saag] Another bad day at the hash function factory
  - From: Jean-Marc Desperrier

Prev by Date: Re: [saag] Another bad day at the hash function factory
Next by Date: RE: Comments to SCVP ID 17
Previous by thread: Re: [saag] Another bad day at the hash function factory
Next by thread: Re: [saag] Another bad day at the hash function factory
Index(es):
- Date
- Thread