OCSP Responders Are An Attack Vector For SHA-1 Collisions

2016-03-08 Thread Andrew Ayer
As we all know, the Baseline Requirements forbid signing certificates with SHA-1 after January 1, 2016. However, both the BRs and Mozilla policy are silent on the topic of OCSP response signatures[1]. Theoretically, CAs could continue to sign OCSP responses with SHA-1 indefinitely. Indeed, among

Re: OCSP Responders Are An Attack Vector For SHA-1 Collisions

2016-03-08 Thread Richard Barnes
On Tue, Mar 8, 2016 at 4:58 PM, Andrew Ayer wrote: > As we all know, the Baseline Requirements forbid signing certificates > with SHA-1 after January 1, 2016. However, both the BRs and Mozilla > policy are silent on the topic of OCSP response signatures[1]. >