Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate

[Eric Rescorla <ekr@xxxxxxxxxxxxxxxxxxxx>]

At Thu, 01 Jan 2009 07:51:38 -0800,
Mike wrote:
> 
> 
> Is there anything that could be added to RP software to reliably
> detect and thwart the use of a rogue CA certificate?  Or would
> any attempt to do that just cause too many problems?
> 
> Mike (who is writing "I am not a security expert" 100 times on
>        the chalkboard)

You could certainly add a check for this particular certificate
and any others you discovered. To the extent to which CAs no 
longer use MD5, this would likely quickly clean up the damage.
It's less clear that you could safely detect this kind of
cert in a generic way.

-Ekr