x509 v1 certificate

Werner Koch wk at gnupg.org
Mon Sep 25 14:43:23 CEST 2006

On Mon, 25 Sep 2006 13:19, Simon Josefsson said:

> practice.  The signature in a root CA aka trusted anchor is typically
> never verified, so whether it is possible to fake that signature

I agree that it does not make much sense to verify it as you can only
detect root certificates which are buggy.  However this happens quite
easily as verified by the recent tries to replicate the Bleichenbacher
attack :-)

Am not a 100% sure but believe that at the time gpgsm was tested at a
certifcation lab they explicity tested the correctness of the root
certificates.  Will need to look up all the papers to verify this.

> Thus, a RSA-MD5 trust anchor verified using its SHA-1 fingerprint out
> of band should be secure.

Agreed.  However we need to pass the certification.  I'll check in the
next days.



More information about the Gnupg-devel mailing list