© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
5466644
demo site
(Get the code!)
I do think that the end-user should be able to override the security weakness warning. - Miron Cuperman
How do we mitigate that a large group of CA's still use MD5 instead of using the SHA certs. We cannot force a change on them and all we would do is remove potentially harmful services from users.
MD5 is still a valid hashing function, just not a valid cryptographic function. We should be pushing as a community for CA's to move to SHA based hashes which are still cryptographically sound.