At 10:19 PM -0500 12/30/08, Jerry Leichter wrote:
Robert Graham writes in Errata Security
(http://erratasec.blogspot.com/2008/12/not-all-md5-certs-are-vulnerable.html)
that the attack depends on being able to predict the serial number field that
will be assigned to a legitimate certificate by

Pehr Söderman wrote:
Freshly declassified and a rather interesting read:
A History of U.S. Communications Security (Volumes I and II, 1973)
David G. Boak Lectures, National Security Agency (NSA)
http://www.governmentattic.org/2docs/Hist_US_COMSEC_Boak_NSA_1973.pdf
(From Bruce

On Tue, 30 Dec 2008, Hal Finney wrote:
- The attack relies on cryptographic advances in the state of the art for
finding MD5 collisions from inputs with different prefixes. These advances
are not yet being published but will presumably appear in 2009.
To insert a malicious