On Tuesday, 17 January 2017 23:34:20 UTC, Jakob Bohm wrote: > How about "_and versions and strong (>= 256 bits) hashes_",
Frankly any _cryptographic_ hash should be adequate for this purpose. Even for the most creaky crypto hashes I can think of (e.g. MD4) pre-image attacks are theoretical rather than practical, so any colliding document must be produced before the fact, not after. Even if a CA wants to pull the wool over our eyes it seems far, far more likely they'll just straight up lie than concoct some bizarre scheme with producing multiple documents that have identical hashes. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy