[cabfpub] SHA-1 exception request

Peter Bowen pzb at amzn.com
Tue Oct 18 23:36:22 UTC 2016


The faster you can get tbsCertificates published the faster the cryptanalysis can happen.

> On Oct 18, 2016, at 4:34 PM, Dean Coclin via Public <public at cabforum.org> wrote:
> 
> While I'm not the technical expert here, assuming we could, wouldn't they
> then need to undergo the 10 day eval period?
> 
> -----Original Message-----
> From: Rob Stradling [mailto:rob.stradling at comodo.com] 
> Sent: Tuesday, October 18, 2016 4:29 PM
> To: Dean Coclin <Dean_Coclin at symantec.com>; Gervase Markham
> <gerv at mozilla.org>; CABFPub <public at cabforum.org>
> Cc: Halliday, Morgan <Morgan.Halliday at firstdata.com>; Sidoriak, Evan S
> <Evan.Sidoriak at firstdata.com>
> Subject: Re: [cabfpub] SHA-1 exception request
> 
> On 19/10/16 00:10, Dean Coclin via Public wrote:
> <snip>
>> We don't really have time to generate new TBS certs with the approved 
>> expiration dates and submit them for cryptanalysis testing (per the
> procedure).
> 
> Can't you just use a hex editor to edit the TBSCertificates that have
> already been generated?
> 
> --
> Rob Stradling
> Senior Research & Development Scientist
> COMODO - Creating Trust Online
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public




More information about the Public mailing list