[193848] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: SHA1 collisions proven possisble

daemon@ATHENA.MIT.EDU (Chris Adams)
Mon Feb 27 09:18:43 2017

X-Original-To: nanog@nanog.org
Date: Mon, 27 Feb 2017 08:18:35 -0600
From: Chris Adams <cma@cmadams.net>
To: nanog@nanog.org
Mail-Followup-To: nanog@nanog.org
In-Reply-To: <218246.1488186878@turing-police.cc.vt.edu>
Errors-To: nanog-bounces@nanog.org

Once upon a time, valdis.kletnieks@vt.edu <valdis.kletnieks@vt.edu> said:
> There's only 2 certs.  You generate 2 certs with the same hash, and *then* get
> the CA to sign one of them.

The point is that the signed cert you get back from the CA will have a
different hash, and the things that they change that cause the hash to
change are outside your control and prediction.

-- 
Chris Adams <cma@cmadams.net>


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[193848] in North American Network Operators' Group

Re: SHA1 collisions proven possisble

daemon@ATHENA.MIT.EDU (Chris Adams)Mon Feb 27 09:18:43 2017

daemon@ATHENA.MIT.EDU (Chris Adams)
Mon Feb 27 09:18:43 2017