Valid hash algorithms for X.509 certificates
David Marín Carreño
davefx at gmail.com
Wed Dec 31 02:13:10 CET 2008
Related with the MD5 issue, if I am not wrong, currently the only
interoperable hash algorithm for use with X.509 algorithms is SHA-1.
However, in the document [0] it is said that SHA-1 will probably
follow the same fate in a not very long time.
SHA-2 is currently allowed in standard X.509 certificates according to
RFC 4055, but only if RSASSA-PSS is used (at least, I understand it
that way).
Also, a new document "Internet X.509 Public Key Infrastructure:
Additional Algorithms and Identifiers for DSA and ECDSA"[1] is under
development, that includes SHA-2 hashing only when the certificate
uses DSA or ECDSA...
Does anyone know if the IETF is preparing a revision or update to RFC
3279 for deprecating (officially) MD2 and MD5 and including SHA-2 (or
other algorithms) as a proposed "standard" for all kinds of public
keys?
[0] http://www.win.tue.nl/hashclash/rogue-ca/
[1] http://tools.ietf.org/html/draft-ietf-pkix-sha2-dsa-ecdsa-05
--
David Marín Carreño
More information about the Gnutls-devel
mailing list