MD5 Hack Interesting, But Not Threatening
Tim Callan, 2009-01-05

A few days ago at the Chaos Communication Congress in Berlin, researchers presented a paper in which they had used an MD5 collision attack and substantial computing firepower to create a false SSL certificate using the RapidSSL brand of SSL certificate. In the intervening time we have seen a great deal of confusion and misinformation in the press and blogosphere about the specifics of this attack and what it means to the online ecosystem.

MD5 Hack Interesting, But Not Threatening 2009-01-08
Charles Hunter (1 replies)
Hilarious Corporate Spin! How about some real answers? 2009-01-10
Anonymous
This "column" is a total misplaced piece of propaganda. It's PR spin, plain and simple. It does not bring any clarity to the subject at hand.

What about all of the certificates that RapidSSL and Verisign issued since 1996? And since Wang's attack in 2004? And since 2007?

How many of the submitted certificate signing requests included chosen prefix collisions? And what has Verisign done to detect possible attacks in the past or the future? Verisign certainly hasn't published anything on the subject and it's because they have nothing to show.

How can Verisign answer this question hours after they first learned of the issue? They cannot.

How can it say definitively that there is no risk and that no one has attacked their CAs? Did they even detect the public attack? It seems doubtful.

In addition, the claim of substantial computing power is laughable. The researchers estimated $1000 of Amazon EC2 time for each attempt. Renting a cluster is normal and a botnet isn't an unthinkable resource for an attacker.

Verisign should address the real issues. Verisign should revoke all of the CA certs that have *ever* issued MD5 signatures. Remove MD5 from everything and prepare for the SHA-1 break that is coming.


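The comment above ends with a concrete mitigation: find and remove MD5 from everything that still signs or trusts certificates. The following is an added example, not code from the column, from SecurityFocus or from either commenter. It walks the DER structure of an X.509 certificate far enough to read the signatureAlgorithm OID (RFC 5280 section 4.1) and flags md5WithRSAEncryption and md2WithRSAEncryption, the OIDs registered in RFC 3279. The certificates it inspects are constructed, skeletal SEQUENCEs built by the helper at the bottom (assumed shapes, not real issued certificates); the parser itself works on any DER certificate because it never looks inside tbsCertificate.

```python
"""Audit X.509 certificates for MD5/MD2-based signature algorithms.

Added example, not part of the original column or comments. The sample
certificates are constructed skeletons, not real issued certificates.
"""

# Signature algorithm OIDs from RFC 3279 / RFC 4055, dotted-decimal form.
WEAK_SIGNATURE_OIDS = {
    "1.2.840.113549.1.1.2": "md2WithRSAEncryption",
    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
}
KNOWN_SIGNATURE_OIDS = {
    **WEAK_SIGNATURE_OIDS,
    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
    "1.2.840.113549.1.1.11": "sha256WithRSAEncryption",
}


def _read_tlv(data: bytes, offset: int):
    """Decode one DER tag-length-value at offset; return (tag, value, next_offset)."""
    tag = data[offset]
    length = data[offset + 1]
    offset += 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        num = length & 0x7F
        length = int.from_bytes(data[offset:offset + num], "big")
        offset += num
    return tag, data[offset:offset + length], offset + length


def decode_oid(value: bytes) -> str:
    """Convert DER OBJECT IDENTIFIER contents to dotted-decimal form."""
    arcs = [value[0] // 40, value[0] % 40]
    acc = 0
    for b in value[1:]:
        acc = (acc << 7) | (b & 0x7F)  # base-128, high bit set on all but last byte
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    return ".".join(str(a) for a in arcs)


def signature_algorithm_oid(cert_der: bytes) -> str:
    """Return the dotted OID from Certificate.signatureAlgorithm (RFC 5280 4.1)."""
    tag, cert, _ = _read_tlv(cert_der, 0)
    if tag != 0x30:
        raise ValueError("Certificate must be a DER SEQUENCE")
    # Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }
    _, _tbs, off = _read_tlv(cert, 0)           # skip tbsCertificate entirely
    tag, alg_id, _ = _read_tlv(cert, off)       # AlgorithmIdentifier SEQUENCE
    if tag != 0x30:
        raise ValueError("signatureAlgorithm must be a SEQUENCE")
    tag, oid_bytes, _ = _read_tlv(alg_id, 0)    # first element: OBJECT IDENTIFIER
    if tag != 0x06:
        raise ValueError("AlgorithmIdentifier must start with an OID")
    return decode_oid(oid_bytes)


def audit_certificate(cert_der: bytes) -> dict:
    """Report the signature algorithm and whether it is MD5/MD2-based."""
    oid = signature_algorithm_oid(cert_der)
    return {
        "oid": oid,
        "name": KNOWN_SIGNATURE_OIDS.get(oid, "unknown"),
        "weak": oid in WEAK_SIGNATURE_OIDS,
    }


# ---- Constructed sample input (hypothetical skeletons, not real certificates) ----

def _der(tag: int, content: bytes) -> bytes:
    """Minimal DER TLV encoder handling short and long-form lengths."""
    n = len(content)
    if n < 128:
        return bytes([tag, n]) + content
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + content


def encode_oid(dotted: str) -> bytes:
    """Encode a dotted OID as DER OBJECT IDENTIFIER contents."""
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return bytes(out)


def make_skeleton_cert(sig_oid: str) -> bytes:
    """Build a skeletal Certificate SEQUENCE carrying the given signatureAlgorithm.

    tbsCertificate is a placeholder holding only the version field; enough to
    exercise the parser, not a valid certificate.
    """
    tbs = _der(0x30, _der(0xA0, _der(0x02, b"\x02")))                  # [0] version v3
    alg = _der(0x30, _der(0x06, encode_oid(sig_oid)) + _der(0x05, b""))  # OID + NULL params
    sig = _der(0x03, b"\x00" + b"\x00" * 128)                            # BIT STRING placeholder
    return _der(0x30, tbs + alg + sig)


MD5_CERT = make_skeleton_cert("1.2.840.113549.1.1.4")
SHA256_CERT = make_skeleton_cert("1.2.840.113549.1.1.11")

if __name__ == "__main__":
    for label, cert in (("md5-signed", MD5_CERT), ("sha256-signed", SHA256_CERT)):
        print(label, audit_certificate(cert))
```

Point `audit_certificate` at the DER bytes of each certificate in a trust store or in a chain served by a site and anything reported as weak is a candidate for replacement; because the check reads only the outer AlgorithmIdentifier, it is unaffected by whatever an attacker placed inside tbsCertificate.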
Serious suggestions welcome... 2009-01-15
Robert Lemos
Copyright 2009, SecurityFocus