To the Globus Toolkit user community, Attacks against X.509 certificates using the MD5 hash algorithm have prompted the Globus security committee to re-evaluate the use of MD5 in proxy certificates. We conclude that, while there is not an immediate threat to Globus Toolkit users at this time, due to the difficulty of applying the attack methods to proxy certificates, these attacks further motivate the need to migrate away from the use of the MD5 hash algorithm in proxy certificates. Since proxy certificates are used by other software outside of the Globus Toolkit, input into this process is sought from other software providers or anyone else who might be effected by this change.
Interested parties may follow and contribute to this process using the following bugzilla entry: http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=6613 Thank you, Globus Security Committee
