
RE: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CA certificate



I am a bit concerned about random goo when random goo is one of the
things the attacker uses to cause a collision.  This may limit a human's
or machine's ability to discern mischief.

-----Original Message-----
From: owner-ietf-pkix@xxxxxxxxxxxx [mailto:owner-ietf-pkix@xxxxxxxxxxxx]
On Behalf Of Dr Stephen Henson
Sent: Wednesday, December 31, 2008 1:12 PM
To: ietf-pkix@xxxxxxx
Cc: ietf-smime@xxxxxxx; cfrg@xxxxxxxx; saag@xxxxxxxx
Subject: Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue
CA certificate


Mike wrote:
> 
> I sent my last message a bit too hastily.  Other ideas that I was
> contemplating should have been mentioned including:
> 
>   - remove any unrecognized extensions
>   - remove tumors
> 
> Those could potentially cause problems if for some reason they were
> actually needed.  This one, though, shouldn't cause trouble:
> 
>   - add a private EKU with a random number (or two) in the OID
> 
> That would not mess up the serial number scheme in use or modify the
> subject name as has been suggested.
> 

Or add a non-critical extension with some randomness in it...

Steve.
-- 
Dr Stephen N. Henson.
Core developer of the   OpenSSL project: http://www.openssl.org/
Freelance consultant see: http://www.drh-consultancy.co.uk/
Email: shenson@xxxxxxxxxxxxxxxxxxxxx, PGP key: via homepage.