Whoos with GnuTLS and md5-signed certificates

Andreas Metzler ametzler at downhill.at.eu.org
Sat Feb 14 14:51:46 UTC 2009

On 2009-02-14 Florian Weimer <fw at deneb.enyo.de> wrote:
> * Bastian Blank:
>> GnuTLS stopped accepting MD5 as a proper signature type for certificates
>> just two weeks before the release. While I don't question the decision
>> themself, MD5 is broken since 4 years, I question the timing.

> GNUTLS has rejected RSA-MD5 signatures in X.509 certificate chains
> since version 1.2.9.

It has been documented to do so, however the rejection did not work (in
all cases?).


cu andreas
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

More information about the Pkg-gnutls-maint mailing list