I haven't read the patch. I only read the prototypes of
the new public functions. What I proposed in comment 36
would not require adding new functions. I proposed a new
error code, SEC_ERROR_WEAK_CRYPTO, for our signature and
certificate verification functions. If any signature
involved (except the signature in root CA certs) uses a
weak hash algorithm such as MD2 and MD4, the signature or
certificate verification function would fail with
SEC_ERROR_WEAK_CRYPTO.
I think my proposal is difficult to implement right, so
you should feel free to continue work on your proposal.
But it's important that your proposal also be "secure
by default". I suspect that's what your code in comment 37
does. Only the apps that still want to support RSA-MD2
and RSA-MD4 signatures have to do extra work.
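The policy described above (reject MD2/MD4-signed certificates by default, exempt the root CA's own signature, let an app opt in), as an added C illustration that is not part of this comment or of the NSS patch under discussion; the `chain_cert` struct, the `SEC_ERROR_WEAK_CRYPTO` value and the inputs are constructed for the example, while the OID bytes are the standard PKCS #1 DER encodings.

```c
#include <stddef.h>
#include <string.h>

/* Placeholder value for the proposed error code; the real number would be
 * assigned in NSS's error tables, not here. */
#define SEC_ERROR_WEAK_CRYPTO (-1)
#define SECSuccess 0

/* DER contents of signature AlgorithmIdentifier OIDs under the PKCS #1 arc
 * 1.2.840.113549.1.1.x: x=2 md2WithRSA, x=3 md4WithRSA, x=5 sha1WithRSA. */
static const unsigned char OID_MD2_RSA[]  = {0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x02};
static const unsigned char OID_MD4_RSA[]  = {0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x03};
static const unsigned char OID_SHA1_RSA[] = {0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05};

/* Hypothetical view of one certificate, reduced to what the policy needs. */
typedef struct {
    const unsigned char *sig_oid;  /* signatureAlgorithm OID contents */
    size_t sig_oid_len;
    int is_root;                   /* trust anchor: its self-signature is never verified */
} chain_cert;

static int oid_equals(const unsigned char *a, size_t alen,
                      const unsigned char *b, size_t blen) {
    return alen == blen && memcmp(a, b, alen) == 0;
}

/* 1 if the signature algorithm uses a hash the policy treats as weak (MD2, MD4). */
int sig_alg_is_weak(const unsigned char *oid, size_t len) {
    return oid_equals(oid, len, OID_MD2_RSA, sizeof OID_MD2_RSA) ||
           oid_equals(oid, len, OID_MD4_RSA, sizeof OID_MD4_RSA);
}

/* Secure-by-default chain check: every signature that is actually relied on
 * (all but the root's own) must avoid weak hashes unless the application
 * explicitly opted in with allow_weak != 0. Returns SECSuccess or the error. */
int check_chain_signature_policy(const chain_cert *chain, size_t n, int allow_weak) {
    size_t i;
    if (allow_weak)
        return SECSuccess;            /* app did the extra work: opted in */
    for (i = 0; i < n; i++) {
        if (chain[i].is_root)
            continue;                 /* root signature is exempt */
        if (sig_alg_is_weak(chain[i].sig_oid, chain[i].sig_oid_len))
            return SEC_ERROR_WEAK_CRYPTO;
    }
    return SECSuccess;
}
```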