When looking at the details for "Certificate Signature Algorithm" for gmail, I see:

"PKCS #1 SHA-1 With RSA Encryption"

The "general" tab simply shows both SHA-1 and MD5 fingerprints.

Does this mean that it's still vulnerable, even if both hashes are present? Does that not matter since MD5 is there at all???

If these are still vulnerable, what a headache it will be to update all kinds of certificates.

actions · 2008-Dec-30 12:08 pm ·

FFH5
Premium Member
join:2002-03-03
Tavistock NJ

2 edits

FFH5

Premium Member

2008-Dec-30 12:11 pm

said by amungus:

When looking at the details for "Certificate Signature Algorithm" for gmail, I see:

"PKCS #1 SHA-1 With RSA Encryption"

The "general" tab simply shows both SHA-1 and MD5 fingerprints.

Does this mean that it's still vulnerable, even if both hashes are present? Does that not matter since MD5 is there at all???

If these are still vulnerable, what a headache it will be to update all kinds of certificates.

According to the news item MD5 & SHA1 have the same vulnerability exposure.

actions · 2008-Dec-30 12:11 pm ·

Sir Meowmix III
@205.255.240.x

Sir Meowmix III

Anon

2008-Dec-30 1:24 pm

said by FFH5:

According to the news item MD5 & SHA1 have the same vulnerability exposure.

I do not see this to be the case in my reading. I show that only those signed with MD5 are vulnerable, not those with SHA-1. Even Microsoft seems to indicate this as well, although they're certainly not authoritative source in security.

quote:
Microsoft is not aware of any active attacks using this issue and is actively working with certificate authorities to ensure they are aware of this new research and is encouraging them to migrate to the newer SHA-1 signing algorithm.

actions · 2008-Dec-30 1:24 pm ·

amungus
Premium Member
join:2004-11-26
America

amungus

Premium Member

2008-Dec-30 1:29 pm

That's how I read it too... which is why I still think the question has some merit.

Barring SHA-1 only hashes, what's the story if you see both??? Is it still (more) secure when both are present, or is it completely irrelevant if one is breakable?

As for the browser idea... that's not a bad thought, but I don't think it'd work as smoothly - it's also incumbent on the user to patch their browser. Would be a more "certain" solution if the server certs themselves were guaranteed to be not using MD5.

Once that's done, the browser wouldn't care. There simply wouldn't be any MD5 hash present to begin with, which would then eliminate the chance of having an insecure hash being present...

actions · 2008-Dec-30 1:29 pm ·

nwrickert
Mod
join:2004-09-04
Geneva, IL

nwrickert to amungus

Mod

2008-Dec-30 4:40 pm

to amungus

The "general" tab simply shows both SHA-1 and MD5 fingerprints.

Does this mean that it's still vulnerable, even if both hashes are present? Does that not matter since MD5 is there at all???

One should distinguish between the fingerprint and the hash used in the signature. Only one hash is used in the digital signature. Any hash of choice could later be used as a fingerprint.

actions · 2008-Dec-30 4:40 pm ·

amungus
Premium Member
join:2004-11-26
America

amungus

Premium Member

2008-Dec-30 4:58 pm

Thanks for the clarification on that

In short, TK's screenshot is what I was originally looking at - hence confusion...

Here's a screenshot of what the quotes I referenced are talking about - how to see what algorithm is being used on the signature.

actions · 2008-Dec-30 4:58 pm ·

Forums → Software and Operating Systems → Security	« Website viruses can't infect you if you use Firefox? • Old AVG issues »
This is a sub-selection from SSL security flaw with MD5 certificates announces today