Whoos with GnuTLS and md5-signed certificates
Andreas Metzler
ametzler at downhill.at.eu.org
Sat Feb 14 14:51:46 UTC 2009
On 2009-02-14 Florian Weimer <fw at deneb.enyo.de> wrote:
> * Bastian Blank:
>> GnuTLS stopped accepting MD5 as a proper signature type for certificates
>> just two weeks before the release. While I don't question the decision
>> themself, MD5 is broken since 4 years, I question the timing.
> GNUTLS has rejected RSA-MD5 signatures in X.509 certificate chains
> since version 1.2.9.
[...]
It has been documented to do so, however the rejection did not work (in
all cases?).
http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3332
cu andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
More information about the Pkg-gnutls-maint
mailing list