Differences: OpenPGP vs. X.509

Robert J. Hansen rjh at sixdemonbag.org
Sat Jan 24 22:15:28 CET 2009


Stefan X wrote:
> Are you sure about the hardwired dependencies on MD5? I know real world
> examples where no MD5 is used at all with X.509 and I am quite sure they
> are standards conformant.

Daniel Nagy said it better than I could --

"As far as I can judge, X.509 PKI is still in the state of catastrophic
failure with no obvious way out.

Right now, if my browser (or yours, or anybody else's) tells me that the
site I am browsing presented a certificate issued to it by a legitimate
CA, I cannot be sure that this assertion is true. Rejecting all
certificates with MD5 in their signatures is not a solution (there are
too many out there and replacing them requires non-trivial cooperation
between different parties; no-one can do it acting alone). Not issuing
any more MD5-based certificates is not a solution (who knows how many
rogue CAs are already out there?). In fact, I do not see an easy and
cheap solution out of this mess."
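The quoted message talks about rejecting, or at least finding, every certificate that carries an MD5-based signature. The following is an added example, not code from the thread or from GnuPG, showing what that check looks like at the byte level: it reads the outer `signatureAlgorithm` field of a DER or PEM certificate with a small hand-written DER parser and compares the OID against the RSA-with-MD5 (1.2.840.113549.1.1.4) and RSA-with-MD2 (1.2.840.113549.1.1.2) identifiers. Because no real MD5-signed certificate is embedded here, the block also builds a constructed stand-in certificate whose `tbsCertificate` is a minimal placeholder; the function names (`is_md5_signed`, `build_sample_cert`, and so on) are this example's own.

```python
import base64
import re

# Signature-algorithm OIDs whose hash function has practical collision attacks.
# 1.2.840.113549.1.1.4 is md5WithRSAEncryption, 1.2.840.113549.1.1.2 is
# md2WithRSAEncryption. SHA-256 (…1.1.11) is included only for comparison.
WEAK_SIGNATURE_OIDS = {
    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
    "1.2.840.113549.1.1.2": "md2WithRSAEncryption",
}
SHA256_RSA_OID = "1.2.840.113549.1.1.11"


def _read_tlv(buf, pos):
    """Parse one DER tag-length-value at buf[pos]; return (tag, value, next_pos)."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                     # long form: next N bytes hold the length
        n = length & 0x7F
        if n == 0 or n > 4:
            raise ValueError("unsupported DER length encoding")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    end = pos + length
    if end > len(buf):
        raise ValueError("DER element runs past end of buffer")
    return tag, buf[pos:end], end


def _decode_oid(value):
    """Turn the content octets of an OBJECT IDENTIFIER into dotted form."""
    if not value or value[-1] & 0x80:
        raise ValueError("empty or truncated OID")
    first = value[0]
    if first < 40:
        arcs = [0, first]
    elif first < 80:
        arcs = [1, first - 40]
    else:
        arcs = [2, first - 80]
    acc = 0
    for b in value[1:]:                   # base-128, high bit set on all but last byte
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    return ".".join(str(a) for a in arcs)


def pem_to_der(pem):
    """Extract and base64-decode the first CERTIFICATE block of a PEM file."""
    text = pem.decode("ascii") if isinstance(pem, bytes) else pem
    m = re.search(r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", text, re.S)
    if not m:
        raise ValueError("no CERTIFICATE block found")
    return base64.b64decode("".join(m.group(1).split()))


def signature_algorithm_oid(cert_der):
    """Return the dotted OID of Certificate.signatureAlgorithm (RFC 5280, outer field)."""
    tag, cert_body, _ = _read_tlv(cert_der, 0)
    if tag != 0x30:
        raise ValueError("Certificate is not a SEQUENCE")
    tag, _, pos = _read_tlv(cert_body, 0)          # tbsCertificate, skipped here
    if tag != 0x30:
        raise ValueError("tbsCertificate is not a SEQUENCE")
    tag, alg_body, _ = _read_tlv(cert_body, pos)   # AlgorithmIdentifier
    if tag != 0x30:
        raise ValueError("signatureAlgorithm is not a SEQUENCE")
    tag, oid_bytes, _ = _read_tlv(alg_body, 0)
    if tag != 0x06:
        raise ValueError("AlgorithmIdentifier does not start with an OID")
    return _decode_oid(oid_bytes)


def is_md5_signed(cert):
    """True if a PEM or DER certificate is signed with RSA over MD5 or MD2."""
    if isinstance(cert, str):
        cert = cert.encode("ascii")
    der = pem_to_der(cert) if cert.lstrip().startswith(b"-----BEGIN") else cert
    return signature_algorithm_oid(der) in WEAK_SIGNATURE_OIDS


# --- constructed sample input: a stand-in certificate, not a real one ---------
def _tlv(tag, body):
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body


def _encode_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    body = bytes([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        body += bytes(reversed(chunk))
    return body


def build_sample_cert(sig_oid):
    """Constructed Certificate with a placeholder tbsCertificate and a dummy signature."""
    tbs = _tlv(0x30, _tlv(0xA0, _tlv(0x02, b"\x02")) + _tlv(0x02, b"\x01"))  # version, serial
    alg = _tlv(0x30, _tlv(0x06, _encode_oid(sig_oid)) + _tlv(0x05, b""))     # OID, NULL params
    sig = _tlv(0x03, b"\x00" + bytes(16))                                      # dummy BIT STRING
    return _tlv(0x30, tbs + alg + sig)


def der_to_pem(der):
    b64 = base64.b64encode(der).decode("ascii")
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "-----BEGIN CERTIFICATE-----\n" + "\n".join(lines) + "\n-----END CERTIFICATE-----\n"


if __name__ == "__main__":
    for oid in ("1.2.840.113549.1.1.4", SHA256_RSA_OID):
        print(oid, "->", "reject" if is_md5_signed(build_sample_cert(oid)) else "accept")
```

Two caveats a practitioner would add. RFC 5280 requires the outer `signatureAlgorithm` to equal `tbsCertificate.signature`; a full validator compares both, and a self-signed trust anchor's own signature algorithm is irrelevant because roots are trusted by fingerprint rather than by verifying their signature. And, as the quoted message says, flat rejection is hard to deploy at scale; a check like this is most useful as an inventory and alerting tool run over a certificate store or observed TLS chains, so that MD5-signed intermediates and end-entity certificates can be found and replaced.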

More information about the Gnupg-devel mailing list