Firstly, allow me to recap. A couple of days ago, I reported a presentation at the Chaos Computer Club conference in Berlin which outlined a major problem with the way Certificate Authorities handle message hashing, essentially this attack relied on well-known problems with the MD5 hash algorithm. Problems based on hash collisions, which were previously considered to be theoretical having been discovered in 2004, were now well-lodged within the domain of reality. Have you heard about the news about the reported problem with how Certificate Authorities are handling message hashing? Read on for more information on some security issues with the current Certificate Authorities.

The link for this article located at ITWire is no longer available.